
Netizen: November Vulnerability Review

Security vulnerabilities are a constant part of managing any business’s organizational security, and the prompt patching and remediation of newly disclosed vulnerabilities is critical to reducing outside attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from October that should be immediately patched or otherwise addressed if present in your environment. Detailed writeups follow:

CVE-2021-27855: 

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 may allow an attacker with valid credentials to gain a login foothold and then escalate to administrative privileges. This vulnerability has a NIST CVSSv3 base score rating of 8.8/10. Older versions of FatPipe may be affected as well. The vulnerability doesn’t require user interaction, and attack complexity is rated low. FatPipe software lets companies centrally manage their WANs (Wide Area Networks).

CVE-2022-23642:

Sourcegraph is a code search and navigation engine for developers. Sourcegraph prior to version 3.37 is vulnerable to RCE (Remote Code Execution) in the `gitserver` service. This vulnerability has a NIST CVSSv3 base score rating of 8.8/10. The service acts as a git exec proxy, and the vulnerability is a failure to restrict callers from invoking `git config`, which lets an attacker set the git `core.sshCommand` option, the command git runs when it opens a connection. Exploitability depends on how Sourcegraph is deployed: an attacker who can make an HTTP request to gitserver may be able to exploit it. A PoC is available on GitHub: https://github.com/Altelus1/CVE-2022-23642
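Because the vulnerability above lets an attacker persist a `core.sshCommand` setting in a repository's git config, a defender can sweep the repositories a gitserver hosts and flag any config that sets the option at all. The following audit script is an added example, not Sourcegraph's code or a Netizen tool; the sample configs, the `scan_directory` helper and its directory heuristic are constructed assumptions.

```python
"""Audit git config files for a core.sshCommand override (added example)."""
import os
import re

SECTION_RE = re.compile(r'^\[([^\]\s"]+)(?:\s+"((?:[^"\\]|\\.)*)")?\]$')
KEY_RE = re.compile(r'^([A-Za-z][A-Za-z0-9-]*)\s*(?:=\s*(.*))?$')


def _clean_value(value):
    """Strip surrounding quotes or a trailing # / ; comment from a config value."""
    value = value.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        return value[1:end] if end > 0 else value[1:]
    for marker in "#;":
        idx = value.find(marker)
        if idx >= 0:
            value = value[:idx]
    return value.strip()


def parse_git_config(text):
    """Parse git-config syntax into {'section.subsection.key': value}.

    Section and key names are case-insensitive in git, so they are lowercased;
    subsection names keep their case. Comment lines and include directives are
    ignored, which is enough for an audit of core.* settings.
    """
    settings = {}
    prefix = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        m = SECTION_RE.match(line)
        if m:
            section, subsection = m.group(1).lower(), m.group(2)
            prefix = f"{section}.{subsection}" if subsection is not None else section
            continue
        m = KEY_RE.match(line)
        if m and prefix is not None:
            key, value = m.group(1).lower(), m.group(2)
            # A bare key such as "bare" with no "=" means true in git config.
            settings[f"{prefix}.{key}"] = "true" if value is None else _clean_value(value)
    return settings


def ssh_command_override(config_text):
    """Return the core.sshCommand value if the config sets one, else None."""
    return parse_git_config(config_text).get("core.sshcommand")


def audit_repos(configs):
    """configs: {repo_name: config_text}. Returns [(repo_name, value)] for every hit."""
    hits = []
    for name, text in configs.items():
        value = ssh_command_override(text)
        if value is not None:
            hits.append((name, value))
    return hits


def scan_directory(root):
    """Walk a tree of bare (HEAD beside config) or working (.git/config) repos."""
    configs = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        is_repo = "config" in filenames and (
            "HEAD" in filenames or os.path.basename(dirpath) == ".git")
        if is_repo:
            path = os.path.join(dirpath, "config")
            with open(path, encoding="utf-8", errors="replace") as fh:
                configs[path] = fh.read()
    return audit_repos(configs)


# Constructed sample configs: a normal bare repo and one carrying the indicator.
SAMPLE_CONFIGS = {
    "clean.git": "[core]\n\trepositoryformatversion = 0\n\tbare = true\n",
    "suspect.git": (
        "[core]\n\tbare = true\n"
        "\tsshCommand = /tmp/override.sh  # constructed indicator value\n"
        '[remote "origin"]\n\turl = ssh://git@example.invalid/repo.git\n'
    ),
}

if __name__ == "__main__":
    for repo, value in audit_repos(SAMPLE_CONFIGS):
        print(f"{repo}: core.sshCommand set to {value!r}")
```

Any hit is worth a look: a gitserver-managed repository has no legitimate reason to carry a per-repository `core.sshCommand`, so the finding is a strong indicator whatever the value, and the same sweep can be pointed at `scan_directory(<gitserver repo root>)` on a live host.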

CVE-2022-41082:

Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability has a NIST CVSSv3 base score rating of 8.8/10. It allows an attacker to achieve RCE (Remote Code Execution) when Exchange PowerShell is accessible to the attacker, and it can be chained with CVE-2022-41040 in an exploit. The vulnerability doesn’t require user interaction, and attack complexity is rated low.

CVE-2022-41040:

Microsoft Exchange Server Elevation of Privilege Vulnerability. This vulnerability has a NIST CVSSv3 base score rating of 8.8/10. It is one of two reported zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016 and 2019, and it is an SSRF (Server-Side Request Forgery) vulnerability that can allow an attacker with valid credentials to remotely trigger CVE-2022-41082. Valid credentials are needed to exploit either of these two vulnerabilities.

CVE-2021-3100:

The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges. This vulnerability has a NIST CVSSv3 base score rating of 8.8/10. After Amazon deployed its Log4j hotpatches, this vulnerability, which allowed an attacker to escape the container and escalate privileges, was discovered.
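Three of the writeups above name a fixed version (FatPipe 10.1.2r60p91 and 10.2.2r42, Sourcegraph 3.37, and hotpatch package 1.1-13), so checking an inventory against them comes down to a version comparison that is easy to get wrong for strings like `10.1.2r60p91`, where a naive string compare would rank `r60p91` below `r60p9`. This added Python triage script (not a Netizen or vendor tool) encodes only the thresholds stated in this review and runs them over a constructed inventory; the host names, the product-name matching and the `triage` function are assumptions.

```python
"""Triage a software inventory against the fixed versions in this review (added example)."""
import re

# major.minor[.patch][rN][pN][-N] covers every version format the writeups use.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:r(\d+))?(?:p(\d+))?(?:-(\d+))?$")


def parse_version(text):
    """Turn '10.1.2r60p91', '3.36.1' or '1.1-13' into a comparable int tuple.

    Missing components count as 0, so 3.37 == 3.37.0 and 10.2.2 < 10.2.2r42.
    Raises ValueError on formats the review does not use.
    """
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g) if g else 0 for g in m.groups())


# (product prefix, CVE, {release line: first fixed version}) taken from the writeups.
# FatPipe has two release lines with separate fixes; None means a single line.
ADVISORIES = [
    ("fatpipe", "CVE-2021-27855", {(10, 1): "10.1.2r60p91", (10, 2): "10.2.2r42"}),
    ("sourcegraph", "CVE-2022-23642", {None: "3.37"}),
    ("log4j-cve-2021-44228-hotpatch", "CVE-2021-3100", {None: "1.1-13"}),
]


def assess(product, version):
    """Return (cve, verdict) for one inventory row, or None if no advisory applies."""
    for prefix, cve, fixed_by_line in ADVISORIES:
        if not product.lower().startswith(prefix):
            continue
        v = parse_version(version)
        if None in fixed_by_line:
            fixed = parse_version(fixed_by_line[None])
            return cve, "affected" if v < fixed else "patched"
        line = v[:2]
        if line in fixed_by_line:
            fixed = parse_version(fixed_by_line[line])
            return cve, "affected" if v < fixed else "patched"
        # The writeup says older FatPipe releases may be affected too, so a release
        # line below both fixed lines is flagged rather than silently passed.
        oldest = min(parse_version(f) for f in fixed_by_line.values())
        if v < oldest:
            return cve, "possibly affected (older release line)"
        return cve, "unknown release line; check vendor advisory"
    return None


# Constructed sample rows: (host, product, version).
INVENTORY = [
    ("wan-edge-01", "FatPipe WARP", "10.1.2r60p90"),
    ("wan-edge-02", "FatPipe MPVPN", "10.2.2r42"),
    ("wan-edge-03", "FatPipe IPVPN", "9.1.2r10"),
    ("code-search", "Sourcegraph", "3.36.2"),
    ("build-01", "log4j-cve-2021-44228-hotpatch", "1.1-12"),
    ("build-02", "log4j-cve-2021-44228-hotpatch", "1.1-13"),
    ("web-01", "nginx", "1.22.0"),
]


def triage(inventory):
    """Return [(host, cve, verdict)] for every row an advisory covers."""
    findings = []
    for host, product, version in inventory:
        result = assess(product, version)
        if result:
            findings.append((host, result[0], result[1]))
    return findings


if __name__ == "__main__":
    for host, cve, verdict in triage(INVENTORY):
        print(f"{host:12} {cve:15} {verdict}")
```

Rows that fall on an unknown release line deliberately come back as a question rather than a pass; the review only gives thresholds for the lines it names, so anything outside them goes to the vendor advisory instead of being marked clean.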

Conclusion:

In conclusion, software vulnerabilities are a common nuisance to IT and security teams everywhere. Organizations that prioritize the remediation and patching of these vulnerabilities will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.

How Can Netizen Help?

Netizen ensures that security gets built in rather than bolted on. We provide advanced solutions to protect critical IT infrastructure, such as the popular “CISO-as-a-Service”, through which companies can leverage the expertise of executive-level cybersecurity professionals without bearing the cost of employing them full time.

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans. 

Questions or concerns? Feel free to reach out to us any time – https://www.netizen.net/contact

Copyright © Netizen Corporation. All Rights Reserved.