Please see Security Advisories for the week ending April 2, 2021
- VMware Releases Security Update for VMware Carbon Black Cloud Workload
- VMware Releases Security Updates for Several Products
- FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities
- Google Releases Security Updates for Chrome
- Citrix Releases Security Updates for Hypervisor
________________________________
VMware Releases Security Update for VMware Carbon Black Cloud Workload
Situation
VMware has released security updates to address a vulnerability (CVE-2021-21982) in its product VMware Carbon Black Cloud Workload.
Problem
A vulnerability in the VMware Carbon Black Cloud Workload appliance was privately reported to VMware. A URL on the administrative interface of the appliance can be manipulated to bypass authentication. An update is available to remediate this vulnerability in the affected versions of the appliance.
Implication
Failure to patch could result in loss of control of affected systems and possible compromise of system and network integrity.
Need
VMware has released security updates for VMware Carbon Black Cloud Workload; please upgrade to the latest version to ensure that you are protected.
For a brief overview
https://us-cert.cisa.gov/ncas/current-activity/2021/04/02/vmware-releases-security-update
For a more technical overview
https://www.vmware.com/security/advisories/VMSA-2021-0005.html
________________________________
VMware Releases Security Updates for Several Products
Situation
VMware has found multiple vulnerabilities in vRealize Operations, Cloud Foundation, and vRealize Suite Lifecycle Manager.
Problem
Critical-severity vulnerabilities were found in the above VMware products. They include server-side request forgery and arbitrary file write.
Implication
An attacker exploiting these vulnerabilities could steal administrator credentials and write files to the underlying operating system.
Need
vRealize Operations Manager 8.30 and below is affected, as are all versions of VMware Cloud Foundation and vRealize Suite Lifecycle Manager. Please update these products to the latest version.
________________________________
FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities
Situation
The FBI and CISA have released a Joint Cybersecurity Advisory (CSA) to warn users and administrators of the possibility that advanced persistent threat actors are exploiting known Fortinet FortiOS vulnerabilities.
Problem
The FBI and CISA have information indicating that APT actors are exploiting known FortiOS vulnerabilities. These vulnerabilities are tracked as CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591.
Implication
APT actors may use these vulnerabilities or other exploitation techniques to gain access to multiple commercial, government, and technology services. Gaining initial access positions the APT actors to execute future attacks.
Need
CISA recommends reviewing CSA AA21-092A and implementing the recommended mitigations.
For a more detailed overview
________________________________
Google Releases Security Updates for Chrome
Situation
Google has released Chrome version 89.0.4389.114 for Windows, Mac, and Linux.
Problem
Google verified and patched stack overflow and heap buffer overflow vulnerabilities in data transfers, GPU processes, Media, V8, and Tab Strip.
Implication
The previous version had vulnerabilities that an attacker could exploit to take control of an affected system.
Need
Please update Chrome to the latest version as soon as possible.
For a more technical overview
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html
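The advisories above name fixed builds (Chrome 89.0.4389.114) and affected ranges (vRealize Operations Manager 8.30 and below), so the practical question for an administrator is whether each installed build is at or past the fix. The following Python is an added example, not part of the advisory or any vendor's tooling: it compares dotted version strings component by component, which a plain string comparison gets wrong (the string "89.0.4389.90" sorts above "89.0.4389.114"). The hostnames and installed versions in the sample inventory are constructed; only the fixed Chrome build comes from the advisory.

```python
"""Patch-compliance check for dotted version strings (added example).

Deciding whether an installed build is at or past a fixed build must compare
numerically, component by component; a plain string comparison gets it wrong.
"""
from typing import List, Tuple


def parse_version(version: str) -> Tuple[int, ...]:
    """Split a dotted version string into a tuple of integers.

    Raises ValueError on anything that is not dotted integers, so a garbled
    inventory value fails loudly instead of silently comparing as 'patched'.
    """
    parts = version.strip().split(".")
    if not parts or any(not p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(p) for p in parts)


def is_patched(installed: str, fixed: str) -> bool:
    """True if installed >= fixed, comparing component-wise.

    Shorter tuples are zero-padded, so "89.0" compares as "89.0.0.0".
    """
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a >= b


def unpatched_hosts(inventory: List[Tuple[str, str]], fixed: str) -> List[str]:
    """Return the hostnames whose reported version is below the fixed build."""
    return [host for host, ver in inventory if not is_patched(ver, fixed)]


# Fixed Chrome build named in the advisory.
CHROME_FIXED = "89.0.4389.114"

# Constructed sample inventory: hostnames and versions are made up for the example.
SAMPLE_CHROME_INVENTORY = [
    ("ws-01", "89.0.4389.114"),
    ("ws-02", "89.0.4389.90"),    # numerically lower, but string-compares as higher
    ("ws-03", "88.0.4324.190"),
    ("ws-04", "90.0.4430.72"),
]

if __name__ == "__main__":
    for host in unpatched_hosts(SAMPLE_CHROME_INVENTORY, CHROME_FIXED):
        print(f"{host}: Chrome below {CHROME_FIXED}, update required")
```

Running the block against the constructed inventory reports ws-02 and ws-03 as needing the update; ws-02 is the case a string comparison would have passed as already patched. The same `is_patched` check can be used against the vRealize Operations Manager affected range by treating the first fixed release as the threshold.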
________________________________
Citrix Releases Security Updates for Hypervisor
Situation
Citrix has released security updates to address two vulnerabilities in Citrix Hypervisor (formerly Citrix XenServer). These issues affect all currently supported versions of Citrix Hypervisor up to and including Citrix Hypervisor 8.2 LTSR.
Problem
Two of the vulnerabilities patched, CVE-2021-28038 and CVE-2021-28688, may allow an attacker with the ability to execute privileged code in a guest VM to cause the host to crash or become unresponsive. An additional vulnerability, CVE-2020-35498, identified in Citrix Hypervisor 8.2 LTSR only, may allow malicious network traffic to cause subsequent packets to be dropped.
Implication
An attacker could exploit some of these vulnerabilities to cause a denial-of-service condition on Citrix Hypervisor.
Need
Citrix recommends that affected customers install these hotfixes as their patching schedule allows. For additional information, please visit the link below.
For a more technical overview