Please see Security Advisories for the week ending June 5, 2020
- macOS Catalina, Mojave and High Sierra Security Updates
- Hurricane Related Scams
- Apple Security Update for Mac, iOS, iPadOS, watchOS, tvOS
- Cisco Security Updates for NX-OS Software
- Mozilla Releases Security Updates for Firefox and Firefox ESR
- Google Releases Security Updates for Chrome
- Cisco IOx and IOS XE Software Security Updates
________________________________
macOS Catalina, Mojave and High Sierra Security Updates
Situation
Apple has discovered and patched several vulnerabilities in its desktop Mac operating systems: Catalina, Mojave, and High Sierra.
Problem
Apple has identified several security vulnerabilities in its desktop operating systems Catalina, Mojave, and High Sierra that a remote attacker can exploit to take control of affected systems.
Implication
Failure to patch systems could result in loss of control of affected systems and possible compromise of system and network integrity.
Need
Apple advises patching to the latest version: Catalina 10.15.5, Security Update 2020-003 for Mojave, or Security Update 2020-003 for High Sierra.
For a brief overview:
https://www.us-cert.gov/ncas/current-activity/2020/05/27/apple-releases-security-updates
For a more technical overview:
https://support.apple.com/en-us/HT211170
________________________________
Hurricane Related Scams
Situation
June 1st marks the official start of the Atlantic Ocean hurricane season. The United States Cybersecurity and Infrastructure Security Agency has released an advisory warning users to be on the alert for malicious cyber activity targeting potential disaster victims and charitable donors.
Problem
Phishing and fraudulent email and social media scams containing malicious links and/or file attachments are generally common after major natural disasters. These links may try to pose as a website of a legitimate charitable organization in order to fraudulently receive funds or these links may be used to download malware. Malicious attachments are generally used by attackers to propagate malware.
Implication
If a malicious link is clicked or a malicious file attachment is executed from one of these emails, it could result in malware being downloaded onto the user's system, financial loss, or personally identifiable information (PII) being given to the attacker.
Need
Users are advised to exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events.
________________________________
Apple Security Update for Mac, iOS, iPadOS, watchOS, tvOS
Situation
Apple has released security updates to address a vulnerability (CVE-2020-9859) found in macOS, iOS, iPadOS, watchOS, and tvOS.
Problem
The vulnerability is in the kernel of Apple’s operating systems and can allow an application to execute arbitrary code with kernel privileges.
Implication
If an attacker is able to successfully exploit this vulnerability, it could allow them to take control of the affected system.
Need
It is recommended to update all affected Apple products to the versions listed below.
- macOS Catalina 10.15.5 Supplemental Update and Security Update 2020-003 High Sierra
- iOS 13.5.1 and iPadOS 13.5.1
- watchOS 6.2.6
- tvOS 13.4.6
________________________________
Cisco Security Updates for NX-OS Software
Situation
Cisco has issued a patch for a vulnerability (CVE-2020-10136) found in the network stack of Cisco NX-OS Software, the network operating system used by Cisco’s Nexus series Ethernet switches. The vulnerability could allow an unauthenticated, remote attacker to bypass certain security boundaries or cause a denial of service (DoS).
Problem
This vulnerability is due to a device unexpectedly decapsulating and processing IP in IP packets that are destined to a locally configured IP address. An attacker could exploit this vulnerability by sending a crafted IP in IP packet to an affected device, which could result in IP packets bypassing configured input access control lists or other security boundaries defined elsewhere in the network.
Implication
If a remote attacker is able to successfully exploit this vulnerability, they could bypass the input access control lists and certain security boundaries. An attacker may also cause the network stack process to crash and restart multiple times, leading to a DoS condition.
Need
It is recommended to apply the necessary updates or workarounds to help protect against this vulnerability. Patch information, workarounds, and affected products can be found at the link below.
Cisco security advisory:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4
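A detection-side illustration of the condition described above, added here as an example and not taken from Cisco's advisory: it parses captured IPv4 packets and flags IP in IP (protocol 4) traffic whose outer destination is one of the device's own addresses, reporting the inner header that an input ACL would not have seen. The device address list and the sample packets are constructed, using documentation address ranges.

```python
import ipaddress
import struct

IPPROTO_IPIP = 4  # IANA protocol number for IPv4-in-IPv4 encapsulation (RFC 2003)

def parse_ipv4(buf):
    """Return (proto, src, dst, payload) for an IPv4 packet, or None if malformed."""
    if len(buf) < 20 or buf[0] >> 4 != 4:
        return None
    ihl = (buf[0] & 0x0F) * 4                      # header length, options included
    total_len = struct.unpack("!H", buf[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(buf):
        return None
    src = ipaddress.IPv4Address(buf[12:16])
    dst = ipaddress.IPv4Address(buf[16:20])
    return buf[9], src, dst, buf[ihl:total_len]

def flag_ipip_to_device(packet, device_addrs):
    """Describe an IP in IP packet addressed to the device itself, else None."""
    outer = parse_ipv4(packet)
    if outer is None:
        return None
    proto, o_src, o_dst, payload = outer
    if proto != IPPROTO_IPIP or o_dst not in device_addrs:
        return None                                # not tunnelled, or only transit
    hit = {"outer_src": str(o_src), "outer_dst": str(o_dst)}
    inner = parse_ipv4(payload)
    if inner is None:
        hit["inner"] = "malformed"                 # still worth an alert
    else:
        hit.update(inner_proto=inner[0], inner_src=str(inner[1]), inner_dst=str(inner[2]))
    return hit

def _hdr(proto, src, dst, payload=b""):
    """Build a minimal IPv4 header (checksum left 0) for the constructed samples."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed) + payload

# Constructed sample data; addresses are from the RFC 5737 documentation ranges.
DEVICE_ADDRS = {ipaddress.IPv4Address("192.0.2.1")}   # assumed local address of the switch
SAMPLES = [
    _hdr(4, "198.51.100.7", "192.0.2.1", _hdr(17, "203.0.113.9", "192.0.2.50", b"\x00" * 8)),
    _hdr(4, "198.51.100.7", "192.0.2.99", _hdr(17, "203.0.113.9", "192.0.2.50")),  # transit
    _hdr(6, "198.51.100.7", "192.0.2.1"),                                          # plain TCP
]

def scan(samples=SAMPLES, device_addrs=DEVICE_ADDRS):
    """Return one finding per sample that is IP in IP addressed to the device."""
    return [hit for p in samples if (hit := flag_ipip_to_device(p, device_addrs))]
```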
________________________________
Mozilla Releases Security Updates for Firefox and Firefox ESR
Situation
Mozilla Firefox has released security updates for its web browser and Extended Support Release (ESR) to protect against vulnerabilities that might allow a remote attacker to exploit the software and remotely take over the victim’s web browser or system. Firefox states this is fixed in newer versions of its software.
Problem
Mozilla Firefox has found and patched vulnerabilities in its web browser that could allow remote takeover in web browser versions 76 and below and in Extended Support Release (ESR) versions prior to v68.9.
Implication
Any system running Firefox versions 76 and/or ESR versions prior to 68.9 is vulnerable to remote attacks that could lead to compromise of the browser and system and remote takeover by hostile attackers.
Need
Mozilla is releasing updates to Firefox v77 where this vulnerability is to be patched. Mozilla is also releasing updates to its Extended Support Release (ESR) platform to patch this vulnerability in its new release version 68.9.
For a brief overview:
For more information on the Firefox v77 patch please visit Mozilla’s advisory page:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/
For more information on the Firefox ESR patch please visit Mozilla’s advisory page:
https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/
________________________________
Google Releases Security Updates for Chrome
Situation
Google is releasing a new security update for its Chrome web browser on multiple platforms to patch several vulnerabilities in its software that could lead to browser insecurity and possible remote takeover of the browser or device.
Problem
Google has identified multiple vulnerabilities in its Chrome web browser software that could lead to browser insecurity and possibly remote compromise and takeover of the web browser or system.
For this release Google has identified and patched CVE-2020-6493, CVE-2020-6494, CVE-2020-6495, CVE-2020-6496 and iOS vulnerabilities CVE-2020-6497, CVE-2020-6498.
Implication
Unpatched Chrome browsers leave multiple vulnerabilities open to attack that could be exploited to compromise the browser and possibly the system it is running on.
Need
Chrome recommends updating to its new upcoming release, v83.0.4103.97, which has patched the vulnerabilities in the web browser.
For a brief overview:
https://www.us-cert.gov/ncas/current-activity/2020/06/04/google-releases-security-updates-chrome
For a more technical overview:
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
________________________________
Cisco IOx and IOS XE Software Security Updates
Situation
Cisco has discovered and patched several vulnerabilities in its Cisco IOx application hosting infrastructure and Cisco IOS router software.
Problem
Cisco has identified numerous security vulnerabilities in some of its industrial router software that a remote attacker can exploit to execute remote commands and take control of affected systems.
Implication
Failure to patch systems could result in loss of control of affected systems and possible compromise of system and network integrity.
Need
Cisco advises patching Cisco IOx and IOS XE software to the most recent security update.
For a brief overview:
For a more technical overview: