What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-18 06:33:50 | China-backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year (lien direct) | The Chinese advanced persistent threat (APT) actor tracked as Winnti (aka APT41) has targeted at least 13 organizations geographically spanning across the U.S, Taiwan, India, Vietnam, and China against the backdrop of four different campaigns in 2021. "The targeted industries included the public sector, manufacturing, healthcare, logistics, hospitality, education, as well as the media and | Threat Guideline | APT 41 | ★★ |
 |
2022-08-18 06:15:07 | CVE-2022-35173 (lien direct) | An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation. | Guideline | ||
|
2022-08-17 22:15:08 | CVE-2022-2867 (lien direct) | libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. | Guideline | ||
|
2022-08-17 22:15:08 | CVE-2022-2868 (lien direct) | libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. | Guideline | ||
|
2022-08-17 22:15:08 | CVE-2022-2869 (lien direct) | libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. | Tool Guideline | ||
|
2022-08-17 21:08:45 | Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities (lien direct) | Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below - CVE-2022-32893 - An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web content CVE-2022-32894 - An | Threat Guideline | ||
|
2022-08-17 19:15:07 | CVE-2022-2870 (lien direct) | A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability. | Vulnerability Guideline | ||
 |
2022-08-17 16:17:26 | China-Backed RedAlpha APT Builds Sprawling Cyber-Espionage Infrastructure (lien direct) | The state-sponsored group particularly targets organizations working on behalf of the Uyghurs, Tibet, and Taiwan, looking to gather intel that could lead to human-rights abuses, researchers say. | Guideline | ||
 |
2022-08-17 12:10:00 | New Deep Instinct partner program targets MSSPs fighting ransomware (lien direct) | Cybersecurity firm Deep Instinct has rolled out a new partner program to provide its endpoint and application protection software to managed security service providers (MSSPs), the company announced Wednesday.The Stratosphere program was initially announced in April, and designed as a simplified channel program that focuses on expected partner margins, instead of set discounts on the product. Volume-based recognition and “medallion tiers” for sales are out. Instead, the company is offering “loyalty points” for achieving a range of different sales-related goals-like creating leads, getting customers certified, or completing business plans.To read this article in full, please click here | Ransomware Guideline | ||
 |
2022-08-17 10:00:00 | A pragmatic approach to risk management & resilience (lien direct) | Cybersecurity starts with the ability to recognize your cyber risk. We will explore several topics related to taking a practical approach to managing risk and achieving cyber resilience. This is a blog series with collective thoughts from Bindu Sundaresan, Director AT&T Cybersecurity, and Nick Simmons, AVP, Cybersecurity. Cybercrime has become increasingly frequent, complex, and costly, posing a risk to all businesses regardless of size. How do you plan to respond when falling victim to a breach? Would you know who to call, how to react, or what to tell your employees, customers, and media? Could your organization absorb the potential financial and reputational impact of a lawsuit? The answer cannot be, "we store everything in the cloud, so we are good." Who owns the risk? Could your brand's image survive? What is acceptable, and how do you know your current plan will suffice? What more could your company do to understand better and manage the risk? These questions are all top of mind and need to be addressed from an overall business perspective. This blog summarizes the fundamental steps and offers suggestions to understand, manage, and respond to risk. Beyond technology, focus on risk and resilience It can be easy to deploy security technology and think you've mitigated risk to your business. Unfortunately, technology investment is no guarantee of protection against the latest threats. It is critical to take a risk-based approach to security, meaning leaders must identify and focus on specific elements of cyber risk to decrease enterprise risk. Specifically, the many components of cyber risk must be understood and prioritized for enterprise cybersecurity efforts. Organizations are increasingly aiming to shift from cybersecurity to cyber resilience, and the following recommendations can help forge this path: Understand the threats Measure the potential financial impact of cyber exposures compared to the company's risk appetite level; and Proactively manage cyber risks with clear action plans based on their capabilities and capacities to protect against cybercrime Risk-based approach Cyber resiliency requires a risk-based approach, accomplishing two critical things at once. First, it designates risk reduction as the primary goal, enabling the organization to prioritize investment, including implementation-related problem solving based squarely on a cyber program's effectiveness at reducing risk. Second, the program distills top management's risk-reduction targets into pragmatic implementation programs with precise alignment from senior executives to the front line. Following the risk-based approach, a company will no longer "build the control everywhere"; rather, the focus will be on building the appropriate controls for the worst vulnerabilities to defeat the most significant threats that target the business' most critical areas. The risk-based approach to cybersecurity is thus ultimately interactive and a dynamic tool to support strategic decision-making. Focused on business value, utilizing a common language among the interested parties, and directly linking enterprise risks to controls, the approach helps translate executive decisions about risk reduction into control implementation. The power of the risk-based approach to optimize risk reduction at any level of investment is enhanced by its flexibility, adjusting to an evolving risk-appetite strategy as needed. A risk-based approach recognizes that there are no perfect security solutions. Still, those that strategically balance security, scalability, access, usability, and cost can ultimately provide the best long-term protection against an evolving adversary. Fundamentally, risk transformation changes security strategy from an outside-in perspective, where external threats and regulations drive strategy, to an | Ransomware Data Breach Tool Vulnerability Threat Patching Guideline | ||
 |
2022-08-17 07:10:07 | ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data (lien direct) | >Researchers uncovered a new flaw, dubbed ÆPIC, in Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. The ÆPIC Leak (CVE-2022-21233) is the first architecturally CPU bug that could lead to the disclosure of sensitive data and impacts most 10th, 11th and 12th generation Intel CPUs. ÆPIC Leak works on […] | Guideline | ||
 |
2022-08-17 02:49:53 | Cyber Security Return on Investment Basics (lien direct) | Cybersecurity investments can be difficult to justify. Oftentimes, senior leadership is more interested in seeing a return on investment... | Guideline | ★★ | |
|
2022-08-16 21:15:09 | CVE-2020-14379 (lien direct) | A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure. | Guideline | ||
|
2022-08-16 19:15:09 | CVE-2022-2847 (lien direct) | A vulnerability, which was classified as critical, has been found in SourceCodester Guest Management System. This issue affects some unknown processing of the file /guestmanagement/front.php. The manipulation of the argument rid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206489 was assigned to this vulnerability. | Guideline | ||
|
2022-08-16 19:15:08 | CVE-2022-2843 (lien direct) | A vulnerability was found in MotoPress Timetable and Event Schedule. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /wp-admin/admin-ajax.php of the component Quick Edit. The manipulation of the argument post_title with the input |
Vulnerability Guideline | ★★★★★ | |
|
2022-08-16 19:15:08 | CVE-2021-39035 (lien direct) | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213965. | Vulnerability Guideline | ★★ | |
|
2022-08-16 19:15:08 | CVE-2022-2844 (lien direct) | A vulnerability classified as problematic has been found in MotoPress Timetable and Event Schedule up to 1.4.06. This affects an unknown part of the file /wp/?cpmvc_id=1&cpmvc_do_action=mvparse&f=datafeed&calid=1&month_index=1&method=adddetails&id=2 of the component Calendar Handler. The manipulation of the argument Subject/Location/Description leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-206487. | Vulnerability Guideline | ★★ | |
|
2022-08-16 17:15:08 | CVE-2022-38194 (lien direct) | In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted. This may lead to a local user reading sensitive information from a properties file. | Guideline | ||
 |
2022-08-16 15:06:00 | Anomali Cyber Watch: Ransomware Module Added to SOVA Android Trojan, Bitter APT Targets Mobile Phones with Dracarys, China-Sponsored TA428 Deploys Six Backdoors at Once, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Android, APT, China, Cyberespionage, India, Malspam, Ransomware, Spearphishing, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
APT-C-35: New Windows Framework Revealed
(published: August 11, 2022)
The DoNot Team (APT-C-35) are India-sponsored actors active since at least 2016. Morphisec Labs researchers discovered a new Windows framework used by the group in its campaign targeting Pakistani government and defense departments. The attack starts with a spearphishing RTF attachment. If opened in a Microsoft Office application, it downloads a malicious remote template. After the victim enables editing (macroses) a multi-stage framework deployment starts. It includes two shellcode stages followed by main DLL that, based on victim fingerprinting, downloads a custom set of additional information-stealing modules.
Analyst Comment: The described DoNot Team framework is pretty unique in its customisation, fingerprinting, and module implementation. At the same time, the general theme of spearphishing attachment that asks the targeted user to enable editing is not new and can be mitigated by anti-phishing training and Microsoft Office settings hardening.
MITRE ATT&CK: [MITRE ATT&CK] Phishing - T1566 | [MITRE ATT&CK] Virtualization/Sandbox Evasion - T1497 | [MITRE ATT&CK] Template Injection - T1221 | [MITRE ATT&CK] User Execution - T1204 | [MITRE ATT&CK] Ingress Tool Transfer - T1105 | [MITRE ATT&CK] Obfuscated Files or Information - T1027 | [MITRE ATT&CK] Deobfuscate/Decode Files or Information - T1140 | [MITRE ATT&CK] Scheduled Task - T1053 | [MITRE ATT&CK] System Information Discovery - T1082 | [MITRE ATT&CK] Input Capture - T1056 | [MITRE ATT&CK] Screen Capture - T1113 | [MITRE ATT&CK] Data from Local System - T1005 | [MITRE ATT&CK] Data from Removable Media - T1025 | [MITRE ATT&CK] Data from Network Shared Drive - T1039 | [MITRE ATT&CK] Credentials from Password Stores - T1555 | [MITRE ATT&CK] Data Staged - T1074 | [MITRE ATT&CK] Command and Scripting Interpreter - T1059
Tags: APT-C-35, DoNot Team, APT, India, source-country:IN, Government, Military, Pakistan, target-country:PK, Windows |
Ransomware Malware Tool Vulnerability Threat Guideline Medical | APT 38 | |
 |
2022-08-16 14:15:00 | New Attack Weaponizes PLCs to Hack Enterprise and OT Networks (lien direct) | The research resulted in proof-of-concept exploits against seven market-leading automation firms | Hack Guideline | ||
 |
2022-08-16 11:54:34 | Vulnerability Spotlight: Vulnerabilities in WWBN AVideo web app could lead to command injection, authentication bypass (lien direct) |  Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the WWBN AVideo web application that could allow an attacker to carry out a wide range of malicious actions, including command injection and authentication bypass. AVideo is an open-source web application that allows users to build a video streaming and sharing platform. Anyone who joins the community can host videos on-demand, launch a live stream or encode different video formats. TALOS-2022-1542 (CVE-2022-32777 - CVE-2022-32778), TALOS-2022-1549 (CVE-2022-32761) and TALOS-2022-1550 (CVE-2022-28710) are information disclosure vulnerabilities that are triggered if an adversary sends the targeted instance a specially crafted HTTP packet. TALOS-2022-1550 and TALOS-2022-1549 could allow the adversary to read arbitrarily selected files, while TALOS-2022-1542 could allow them to steal the session cookie. Some of the most serious vulnerabilities discovered in this product are code injection issues. TALOS-2022-1546 (CVE-2022-30534), TALOS-2022-1551 (CVE-2022-33147 - CVE-2022-33149) and TALOS-2022-1548 (CVE-2022-32572) are triggered in a similar way, but instead could lead to arbitrary command execution. That could allow an attacker to gain access to an administrator's account: TALOS-2022-1537 (CVE-2022-26842) TALOS-2022-1538 (CVE-2022-32770 - CVE-2022-32772) TALOS-2022-1539 (CVE-2022-30690) TALOS-2022-1540 (CVE-2022-28712) The app also contains three privilege escalation vulnerabilities: TALOS-2022-1534 (CVE-2022-29468), TALOS-2022-1535 (CVE-2022-30605) and TALOS-2022-1545 (CVE-2022-32282). An attacker could exploit TALOS-2022-1545 to log in with only a hashed version of a user's password. TALOS-2022-1534 and TALOS-2022-1535 could be triggered if the attacker sends |
Vulnerability Guideline | ||
|
2022-08-16 08:15:07 | CVE-2022-33939 (lien direct) | CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP451) contains an issue in processing communication packets, which may lead to resource consumption. If this vulnerability is exploited, an attacker may cause a denial of service (DoS) condition in ADL communication by sending a specially crafted packet to the affected product. | Vulnerability Guideline | ||
 |
2022-08-16 05:00:57 | CrowdStrike Wins Technology Innovation Leadership Award, Continues Dominance in Endpoint Security Market (lien direct) | CrowdStrike is proud to receive Frost & Sullivan's 2022 Global Technology Innovation Leadership Award in the endpoint security sector. This recognition reflects CrowdStrike's continued investment to drive innovation and deliver more value to its customers through its industry-leading Falcon platform. The global shift to remote work has driven a tremendous increase in internet traffic, the […] | Guideline | ||
|
2022-08-16 01:15:13 | CVE-2022-36311 (lien direct) | Airspan AirVelocity 1500 prior to software version 15.18.00.2511 is vulnerable to injection leading to XSS in the SNMP community field in the eNodeB's web management UI. This issue may affect other AirVelocity and AirSpeed models. | Guideline | ||
|
2022-08-15 13:15:19 | CVE-2022-33991 (lien direct) | dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers. | Guideline | ||
|
2022-08-15 13:15:18 | CVE-2022-33990 (lien direct) | Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form. | Guideline | ||
 |
2022-08-15 12:25:27 | Announcing the New Veracode® Velocity™ Partner Program (lien direct) | Veracode is pleased to announce the launch of the new Veracode Velocity Partner Program. We've crafted a 3-step approach to align, enable, and engage with our partners so together we can make the world's software secure. What is the Veracode Velocity Partner Program? The Veracode Velocity Partner Program enables our valued Solution Providers to accelerate their application security revenues leveraging the Veracode Platform. Through a role-based strategy and approach, partners can engage and collaborate with Veracode to achieve our mutual goals and objectives. The knowledge, skills, insights, competencies, and best practices gained enhance our partners' ability to deliver industry-leading security solutions and services. This comprehensive program offers our partners tools, resources, and programs to help ensure success at every stage of the customer journey. The goal is to empower our partner teams so they can effectively sell, market, and support the Veracode Platform in our joint… | Guideline | ||
|
2022-08-15 12:15:19 | CVE-2022-33993 (lien direct) | Misinterpretation of special domain name characters in DNRD (aka Domain Name Relay Daemon) 2.20.3 leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form. | Guideline | ||
|
2022-08-15 12:15:18 | CVE-2022-33992 (lien direct) | DNRD (aka Domain Name Relay Daemon) 2.20.3 forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers. | Guideline | ||
|
2022-08-15 11:21:30 | CVE-2022-2814 (lien direct) | A vulnerability has been found in SourceCodester Simple and Nice Shopping Cart Script and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /mkshope/login.php. The manipulation of the argument msg leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206401 was assigned to this vulnerability. | Vulnerability Guideline | ||
|
2022-08-15 11:21:30 | CVE-2022-2813 (lien direct) | A vulnerability, which was classified as problematic, was found in SourceCodester Guest Management System. Affected is an unknown function. The manipulation leads to cleartext storage of passwords in the database. The identifier of this vulnerability is VDB-206400. | Vulnerability Guideline | ||
|
2022-08-15 11:21:29 | CVE-2022-2811 (lien direct) | A vulnerability classified as problematic has been found in SourceCodester Guest Management System. This affects an unknown part of the file myform.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206397 was assigned to this vulnerability. | Vulnerability Guideline | ||
|
2022-08-15 11:21:29 | CVE-2022-2812 (lien direct) | A vulnerability classified as critical was found in SourceCodester Guest Management System. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username/pass leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-206398 is the identifier assigned to this vulnerability. | Vulnerability Guideline | ||
|
2022-08-15 11:21:22 | CVE-2022-2378 (lien direct) | The Easy Student Results WordPress plugin through 2.2.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting | Guideline | ||
|
2022-08-15 11:21:17 | CVE-2022-2180 (lien direct) | The GREYD.SUITE WordPress theme does not properly validate uploaded custom font packages, and does not perform any authorization or csrf checks, allowing an unauthenticated attacker to upload arbitrary files including php source files, leading to possible remote code execution (RCE). | Guideline | ★★ | |
|
2022-08-15 11:20:59 | CVE-2022-2116 (lien direct) | The Contact Form DB WordPress plugin before 1.8.0 does not sanitise and escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting | Guideline | ★★ | |
 |
2022-08-15 09:56:43 | Google Fined A$60million in Penalties For Misleading Users on Location Data (lien direct) | Alphabet Inc’s Google Unit was ordered by Australia’s Federal Court to pay A$60million in penalties for misleading users on collection of their personal location data, according to Australia’s competition watchdog. The court found that Google mislead some customers about their personal location data that was being collected through their Android mobile devices between January 2017 […] | Guideline | ★★★★ | |
 |
2022-08-13 11:08:16 | Google fined $60 million over Android location data collection (lien direct) | The Australian Competition and Consumer Commission (ACCC) announced that Google was fined $60 million for misleading Australian Android users regarding the collection and use of their location data for almost two years, between January 2017 and December 2018. [...] | Guideline | ★★★★ | |
 |
2022-08-13 10:00:09 | Ukraine\'s cyber chief comes to Black Hat in surprise visit (lien direct) | Tl;DR - the news isn't good Black Hat In Brief Victor Zhora, Ukraine's lead cybersecurity official, made an unannounced visit to Black Hat in Las Vegas this week, where he spoke to attendees about the state of cyberwarfare in the country's conflict with Russia. The picture Zhora painted was bleak.… | Guideline | ||
|
2022-08-12 20:15:09 | CVE-2022-2802 (lien direct) | A vulnerability has been found in SourceCodester Gas Agency Management System and classified as critical. This vulnerability affects unknown code of the file gasmark/login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-206248. | Vulnerability Guideline | ||
|
2022-08-12 20:15:09 | CVE-2022-2800 (lien direct) | A vulnerability, which was classified as problematic, has been found in SourceCodester Gym Management System. Affected by this issue is some unknown functionality. The manipulation leads to clickjacking. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-206246 is the identifier assigned to this vulnerability. | Guideline | ||
|
2022-08-12 20:15:09 | CVE-2022-2804 (lien direct) | A vulnerability was found in SourceCodester Zoo Management System. It has been classified as critical. Affected is an unknown function of the file /pages/apply_vacancy.php. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-206250 is the identifier assigned to this vulnerability. | Vulnerability Guideline | ||
|
2022-08-12 20:15:09 | CVE-2022-2803 (lien direct) | A vulnerability was found in SourceCodester Zoo Management System and classified as critical. This issue affects some unknown processing of the file /pages/animals.php. The manipulation of the argument class_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206249 was assigned to this vulnerability. | Vulnerability Guideline | ||
|
2022-08-12 20:15:09 | CVE-2022-2801 (lien direct) | A vulnerability, which was classified as critical, was found in SourceCodester Automated Beer Parlour Billing System. This affects an unknown part of the component Login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-206247. | Vulnerability Guideline | ||
|
2022-08-12 19:15:08 | CVE-2022-2797 (lien direct) | A vulnerability classified as critical was found in SourceCodester Student Information System. Affected by this vulnerability is an unknown functionality of the file /admin/students/view_student.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The identifier VDB-206245 was assigned to this vulnerability. | Vulnerability Guideline | ||
|
2022-08-12 15:15:16 | CVE-2022-37044 (lien direct) | In Zimbra Collaboration Suite (ZCS) 8.8.15, the URL at /h/search?action accepts parameters called extra, title, and onload that are partially sanitised and lead to reflected XSS that allows executing arbitrary JavaScript on the victim's machine. | Guideline | ||
|
2022-08-12 15:15:16 | CVE-2022-37042 (lien direct) | Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925. | Guideline | ||
|
2022-08-12 15:15:13 | CVE-2022-20340 (lien direct) | In SELinux policy, there is a possible way of inferring which websites are being opened in the browser due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-166269532 | Guideline | ★★★★★ | |
|
2022-08-12 15:15:13 | CVE-2022-20342 (lien direct) | In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-143534321 | Guideline | ||
|
2022-08-12 15:15:13 | CVE-2022-20362 (lien direct) | In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230756082 | Guideline |
To see everything:
Our RSS (filtrered)
