There are many high level vulnerabilities listed as high vulnerabilities for the week of July 11.
Number of cases, vendor and product are ...
- 1 ceneo-web-scrapper_project -- ceneo-web-scrapper
- 1 clinic's_patient_management_system_project -- clinic\'s_patient_management_system
- 2 google -- android
- 1 huawei -- ese620x_vess_firmware
- 8 microsoft -- windows_10
- 1 microweber -- microweber
- 1 redhat -- keycloak
- 1 roxy-wi -- roxy-wi
- 1 rpc.py_project -- rpc.py
- 3 samsung -- galaxy_store
- 1 siemens -- scalance_x200-4p_irt_firmware
- 2 siemens -- scalance_x204-2_firmware
- 3 siemens -- simatic_cp_1242-7_v2_firmware
- 1 syntactics -- free_booking_plugin_for_hotels\,_restaurant_and_car_rental
- 1 varktech -- pricing_deals_for_woocommerce
- 1 zimbra -- collaboration
Among them, I picked up 2 items below, which I think is having bigger difficulty than the ones with automatic update system like Windows Update and/or apt update and so on.
◆roxy-wi -- roxy-wi
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Attackers need not be authenticated to exploit this vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Roxy-WIはHaproxy, Nginx, Apache, Keepalivedサーバを管理するためのWebインターフェースです。6.1.1.0 より前のバージョンには、リモートでコードが実行される脆弱性があります。/app/options.py ファイルでユーザーから受け取った入力を処理せずに、subprocess_execute 関数経由でシステムコマンドをリモートで実行することが可能です。攻撃者は、この脆弱性を悪用するために認証される必要はありません。ユーザは、アップグレードすることを推奨します。本脆弱性に対する回避策はありません。
Published on: 2022-07-08
CVSS Score: 10
◆siemens -- simatic_cp_1242-7_v2_firmware
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.
SIMATIC CP 関連製品の各バージョン(委細英語原文参照)で脆弱性が確認されました。 OpenVPN の特定の設定オプションにコードを注入することで、攻撃者は昇格した特権で任意のコードを実行することができます。
Published on: 2022-07-12
CVSS Score: 9.3
Source:
Bulletin (SB22-199)Vulnerability Summary for the Week of July 11, 2022
Original release date: July 18, 2022 | Last revised: July 19, 2022
No comments:
Post a Comment