May Threat Advisory – Top 5
by Eleanor Barlow • May 2022
SecurityHQ’s Monthly Threat Report, Drawn from Recent Advisories of May 2022.
Credit to SecurityHQ team members: Devendra Bendre, Harsh Gajbhiya, Mandeep Sheoran, Geethu Krishna G.
F5 Released Patch for Critical Remote Code Execution Vulnerability in BIG-IP
Threat Reference: Global
Risks: System Takeover, Arbitrary System Command Execution
Advisory Type: Updates/Patches
Priority: Standard
F5 has patched a critical remote code execution vulnerability, with a CVSS score of 9.8, in the iControl REST component of BIG-IP. It allows an unauthenticated attacker with network access to execute arbitrary system commands, perform file actions, and disable services on BIG-IP by sending undisclosed requests that bypass iControl REST authentication.
Recommendation
- It is recommended to update BIG-IP to the latest fixed versions.
Apple Patched Zero-day Vulnerabilities Along with Multiple Other Vulnerabilities Affecting Apple Devices.
Threat Reference: Global
Risks: Arbitrary Code Execution
Advisory Type: Updates/Patches
Priority: Elevated
Apple released a security update to fix an actively exploited zero-day vulnerability, along with multiple other vulnerabilities, in Apple devices. The vulnerability exists due to an error within the AppleAVD subsystem. Successful exploitation of these vulnerabilities could lead to arbitrary code execution on the targeted devices with kernel-level privileges.
Recommendation
- It is recommended to update Apple devices to their latest available version/patches.
VMware Fixed Critical Vulnerabilities in Multiple Products.
Threat Reference: Global
Risks: Privilege Escalation
Advisory Type: Advisory/Patches
Priority: Standard
VMware has released updates to fix a critical and an important vulnerability in various VMware products.
Recommendation
- It is recommended to update the affected VMware products to the latest fixed versions.
Critical and High Vulnerabilities Fixed in Jupiter Theme and JupiterX Core WordPress Plugin
Threat Reference: Global
Risks: Privilege Escalation (Broken Access Control), Local File Inclusion (LFI)
Advisory Type: Updates/Patches
Priority: Standard
Security researchers discovered a critical privilege escalation vulnerability, along with authenticated path traversal and local file inclusion vulnerabilities, in the Jupiter Theme and the JupiterX Core WordPress plugin.
Recommendation
- It is recommended to update the affected software to the latest available version (Jupiter Theme 6.10.2 and JupiterX Core Plugin 2.0.8).
SonicWall Patched High Severity Unauthenticated Access Control Bypass Vulnerability in SMA 1000 Series
Threat Reference: Global
Risks: Improper Access Control vulnerability
Advisory Type: Updates/Patches
Priority: Standard
SonicWall released a security update to patch the unauthenticated access control bypass vulnerability with a CVSS score of 8.2 (High) and other vulnerabilities in the SMA 1000 Series. Successful exploitation of the vulnerability can allow an unauthenticated attacker to bypass access control and gain access to an organization’s internal resources.
Recommendation
- It is recommended to update SonicWall SMA 1000 Series firmware to the latest available version/patch.