Please see Security Advisories for the week ending February 4, 2022
- Major vulnerability found in open-source dev tool for Kubernetes
- CISA Releases Security Advisory for Airspan Networks Mimosa
- Google Releases Security Updates for Chrome
- Cisco Releases Security Updates for RV Series Routers
- Samba Releases Security Updates
_______________________________
Major vulnerability found in open-source dev tool for Kubernetes
Situation
Researchers today disclosed a zero-day vulnerability in Argo CD, an open source developer tool for Kubernetes, which carries a “high” severity rating.
Problem
Exploiting the vulnerability in Argo CD could allow an attacker to obtain sensitive information (including passwords, secrets, and API keys) by using malicious Kubernetes Helm Charts, Moshe Zioni, vice president of security research at Apiiro, wrote in a blog post. Helm Charts are YAML files used to manage Kubernetes applications.
Need
Argo encourages users of Argo CD to update their installation to one of the fixed versions.
For a brief overview:
https://venturebeat.com/2022/02/03/major-vulnerability-found-in-open-source-dev-tool-for-kubernetes/
________________________________
CISA Releases Security Advisory for Airspan Networks Mimosa
Situation
CISA has released an Industrial Control Systems Advisory (ICSA) that details vulnerabilities in the Airspan Networks Mimosa product line.
Problem
The vulnerabilities in Airspan Networks Mimosa include:
- Improper Authorization
- Incorrect Authorization
- Server-side Request Forgery
- SQL Injection
- Deserialization of Untrusted Data
- OS Command Injection
- Use of a Broken or Risky Cryptographic Algorithm
Implication
An attacker could exploit these vulnerabilities to achieve remote code execution, create a denial-of-service condition, or obtain sensitive information.
Need
CISA encourages users and administrators to review ICSA-22-034-02: Airspan Networks Mimosa for more information and apply the necessary mitigations.
For a more technical overview:
https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02
________________________________
Google Releases Security Updates for Chrome
Situation
Google has released Chrome versions 98.0.4758.80/81/82 for Windows and 98.0.4758.80 for Mac and Linux.
Implication
These versions address vulnerabilities that an attacker could exploit to take control of an affected system.
Need
CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.
For a brief overview:
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/02/google-releases-security-updates-chrome
For a more technical overview:
https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html
________________________________
Cisco Releases Security Updates for RV Series Routers
Situation
Cisco has released security updates to address vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers.
Problem
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following:
- Execute arbitrary code
- Elevate privileges
- Execute arbitrary commands
- Bypass authentication and authorization protections
- Fetch and run unsigned software
- Cause denial of service (DoS)
Implication
A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Need
CISA encourages users and administrators to review Cisco advisory cisco-sa-smb-mult-vuln-KA9PK6D and apply the necessary updates.
For a more technical overview:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D
________________________________
Samba Releases Security Updates
Situation
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba.
Problem
Three vulnerabilities were addressed:
- CVE-2021-44141: information leak via symlinks
- CVE-2021-44142: out-of-bounds heap read/write vulnerability in VFS module
- CVE-2022-0336: Samba AD users with permission to write to an account can impersonate arbitrary services
Implication
An attacker could exploit one of these vulnerabilities to take control of an affected system.
Need
Apply the necessary updates to Samba.
For more information:
https://www.samba.org/samba/security/CVE-2021-44141.html