Please see Security Advisories for the week ending July 10, 2020
- VMware Releases Security Updates for Multiple Products
- Juniper Networks Releases Security Updates for Multiple Products
- Citrix Security Updates for Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP
- VMware releases security update for VeloCloud
________________________________
VMware Releases Security Updates for Multiple Products
Situation
VMware is releasing multiple updates to its Fusion Pro remote console and Horizon client platforms to patch vulnerabilities that could lead to an attacker to be able to elevate user permissions to root on devices where the VMRC is installed.
Problem
VMware has found a vulnerability where an attacker can exploit VMware software on devices to elevate user rights to root.
Implication
Unpatched software leaves a vulnerability where an attacker could exploit the vulnerability and gain root privileges on the affected devices.
Need
VMware recommends installing the latest updates in its software platforms to prevent this vulnerability. VMW Fusion V11.5.5+ VMRC 11.2.0+ and VMW Horizon 5.4.3+ have been patched to prevent this exploit.
For a brief overview:
For a detailed overview:
https://www.vmware.com/security/advisories/VMSA-2020-0017.html
________________________________
Juniper Networks Releases Security Updates for Multiple Products
Situation
Juniper has released multiple security updates to patch vulnerabilities in its Juno OS across multiple products to prevent attackers from exploiting the vulnerabilities and taking over the affected systems.
Problem
Juniper has released multiple updates and upgrades to its Juno OS to make it more secure and to fix multiple vulnerabilities to prevent attacker from exploiting the software and gaining access or privileges on the devices.
Implication
Without the patches and constant updates, the systems are vulnerable to attacks which could compromise the system and allow attackers access into the devices, or network, or to control the devices and leak data or deny service, or pivot in the network.
Need
Juniper recommends reviewing their security advisory page and ensuring you regularly update your devices to the latest Juno OS or firmware.
For brief overview:
For a detailed overview:
https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
________________________________
Citrix Security Updates for Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP
Situation
Citrix has released security updates to address multiple vulnerabilities found in Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO.
Problem
Vulnerabilities that are limited to management interface products could result in a system compromise by an unauthenticated user on the management network; or system compromise through cross-site scripting (XSS). An attacker could also create a download link for the device, which if downloaded and then executed by an unauthenticated user on the management network could result in the compromise of a local computer.
Vulnerabilities found that are applicable to a Virtual IP (VIP) could result in denial of service against either the Gateway or Authentication virtual servers by an unauthenticated user. Or remote port scanning of the internal network by an authenticated Citrix Gateway user. Attackers can only discern whether a TLS connection is possible with the port and cannot communicate further with the end devices.
Additionally, a vulnerability found in Citrix Gateway Plug-in for Linux that would allow a local logged-on user of a Linux system with that plug-in installed to elevate their privileges to an administrator account on that computer.
Implication
Successful exploitation of these vulnerabilities can allow a remote attacker to take control of an affected system.
Need
Citrix strongly recommends installing the latest update for Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP. Additional information about the security updates, vulnerabilities, and mitigation can be found in the link below.
For a detailed overview:
https://support.citrix.com/article/CTX276688
________________________________
VMware releases security update for VeloCloud
Situation
VMware has released a security update for VeloCloud that addresses a SQL-injection vulnerability.
Problem
VeloCloud Orchestrator does not apply correct input validation which allows the SQL-injection.
Implication
A malicious actor with access to VeloCloud can craft SQL queries to obtain data.
Need
Apply the patch provided from VMware as soon as possible.
For a detailed overview:
https://www.vmware.com/security/advisories/VMSA-2020-0016.html