- Apple Releases Security Updates for Multiple Products
- SonicWall: Patch critical SQL injection bug immediately
- Atlassian Releases Security Advisory for Questions for Confluence
- Cisco Releases Security Updates for Multiple Products
- Oracle Releases July 2022 Critical Patch Update
- Drupal Releases Security Updates
- Google Releases Security Updates for Chrome
- CISA Updates Advisory on Cyber Actors Continued Exploitation of Log4Shell in VMware Horizon Systems
_______________________________
Apple Releases Security Updates for Multiple Products
Situation:
Apple has released security updates for multiple products.
Problem:
These updates address vulnerabilities in multiple products.
Implication:
Attackers could exploit these vulnerabilities to take control of affected systems
Need:
CISA encourages users and administrators to review the Apple security updates and apply necessary releases.
Additional Resources:
CISA Bulletin:
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/apple-releases-security-updates-multiple-products
Apple Security Updates:
https://support.apple.com/en-us/HT201222
________________________________
SonicWall: Patch critical SQL injection bug immediately
Situation:
SonicWall has published a security advisory.
Problem:
A critical SQL injection flaw impacting the GMS (Global Management System) and Analytics On-Prem products.
Implication:
An attacker could exploit this vulnerability that allows SQL injection due to improper neutralization of special elements used in an SQL Command.
Need:
We strongly encourage organizations using the Analytics On-Prem version outlined below should upgrade to the respective patched version immediately.
Additional Resources:
Bleeping Computer Bulletin: SonicWall: Patch critical SQL injection bug immediately
https://www.bleepingcomputer.com/news/security/sonicwall-patch-critical-sql-injection-bug-immediately/
________________________________
Atlassian Releases Security Advisory for Questions for Confluence
Situation:
Atlassian has released a security advisory to address a vulnerability (CVE-2022-26138) affecting Questions for Confluence App.
Problem:
Atlassian reports that the vulnerability is likely to be exploited in the wild.
Implication:
An attacker could exploit this vulnerability to obtain sensitive information.
Need:
CISA encourages users and administrators to review Atlassian’s security advisory, Questions For Confluence Security Advisory 2022-07-20 and apply the necessary updates immediately.
Additional Resources:
Questions For Confluence Security Advisory 2022-07-20:
https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html
For a brief overview:
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/atlassian-releases-security-advisory-questions-confluence-app-cve
________________________________
Cisco Releases Security Updates for Multiple Products
Situation:
Cisco has released security updates.
Problem:
Vulnerabilities in multiple products.
Implication:
A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Need:
We encourage organizations to review the Cisco advisories and apply the necessary updates.
Additional Resources:
CISA Bulletin: Cisco Releases Security Updates for Multiple Products
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/cisco-releases-security-updates-multiple-products
Cisco Security Advisories page:
https://tools.cisco.com/security/center/publicationListing.x
________________________________
Oracle Releases July 2022 Critical Patch Update
Situation:
Oracle has released its Critical Patch Update for July 2022.
Problem:
Addressing 349 vulnerabilities across multiple products.
Implication:
A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Need:
We encourage organizations to review the Oracle July 2022 Critical Patch Update and apply the necessary updates.
Additional Resources:
CISA Bulletin: Oracle Releases July 2022 Critical Patch Update
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/20/oracle-releases-july-2022-critical-patch-update
July 2022 Critical Patch Update:
https://www.oracle.com/security-alerts/cpujul2022.html
________________________________
Drupal Releases Security Updates
Situation:
Drupal has released security updates.
Problem:
Vulnerabilities affecting Drupal 9.3 and 9.4.
Implication:
An attacker could exploit some of these vulnerabilities to take control of an affected system.
Need:
We encourage organizations to review Drupal security advisory SA-CORE-2022-015 and apply the necessary update.
Additional Resources:
CISA Bulletin: Drupal Releases Security Update
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/21/drupal-releases-security-update
SA-CORE-2022-015:
https://www.drupal.org/sa-core-2022-015
________________________________
Google Releases Security Updates for Chrome
Situation:
Google has released security updates for Chrome version 103.0.5060.134, addressing vulnerabilities for Windows, Mac, and Linux.
Problem:
An attacker could take advantage of the vulnerabilities.
Implication:
Exploiting these vulnerabilities could give the attacker control over the affected systems.
Need:
We encourage organizations to review the Chrome Release Note and apply the necessary updates.
Additional Resources:
CISA Bulletin: Google Releases Security Updates for Chrome:
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/21/google-releases-security-updates-chrome
Chrome Release Note:
https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html
________________________________
CISA Updates Advisory on Cyber Actors Continued Exploitation of Log4Shell in VMware Horizon Systems
Situation:
CISA has updated the joint CISA-United States Coast Guard Cyber Command (CGCYBER) Cybersecurity Advisory AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon.
Problem:
The advisory now includes IOCs (Incident of Compromise) provided in Malware Analysis Report (MAR)-10382580-2.
Implication:
If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell, treat all affected VMware systems as compromised.
Need:
We encourage organizations to update all affected VMware Horizon and Unified Access Gateway (UAG) systems to the latest versions.
Additional Resources:
CISA Bulletin: CISA Updates Advisory on Cyber Actors Continued Exploitation of Log4Shell in VMware Horizon Systems:
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/18/cisa-updates-advisory-cyber-actors-continued-exploitation
VMware’s release of updates for Log4Shell:
https://www.vmware.com/security/advisories/VMSA-2021-0028.html
Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems:
https://www.cisa.gov/uscert/ncas/alerts/aa22-174a