Please see Security Advisories for the week ending November 27, 2020
- Fortinet FortiOS System File Leak
- VMware Releases Workarounds for the Vulnerability CVE-2020-4006 in Affected VMware Products
- Cisco Releases Security Updates for Multiple Products
- Beware of Holiday Online Shopping Scams
________________________________
Fortinet FortiOS System File Leak
Situation
Fortinet has found and patched a vulnerability in the FortiOS SSL VPN web portal that may allow remote attackers to download FortiOS system files.
Problem
An attacker exploiting this vulnerability could potentially access other SSL VPN users' credentials and impersonate them, gaining access to the connected systems.
Implication
If an attacker exploits the vulnerability, user data and access could be leaked, which could then lead to user impersonation and further unauthorized access.
Need
Fortinet recommends installing the latest updates or upgrading to FortiOS 5.4.13, 5.6.8, 6.0.5 or 6.2.0 and above. More information on a workaround is available at FortiGuard.
For a brief overview:
https://us-cert.cisa.gov/ncas/current-activity/2020/11/27/fortinet-fortios-system-file-leak
For a more detailed overview:
https://www.fortiguard.com/psirt/FG-IR-18-384
________________________________
VMware Releases Workarounds for the Vulnerability CVE-2020-4006 in Affected VMware Products
Situation
VMware has released workarounds to address a vulnerability (CVE-2020-4006) in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.
Problem
A command injection vulnerability (CVE-2020-4006) was privately reported to VMware. This vulnerability can allow an attacker with access to the administrative configurator on port 8443 and a valid password for the configurator admin account to execute commands with unrestricted privileges on the underlying operating system.
Implication
If an attacker successfully exploits this vulnerability, it can allow them to take control of the affected system.
Need
Patches for CVE-2020-4006 are forthcoming. Workarounds are available to address this vulnerability in affected VMware products. The workarounds for the respective products can be found at the link below.
For a more detailed overview:
https://www.vmware.com/security/advisories/VMSA-2020-0027.html
________________________________
Cisco Releases Security Updates for Multiple Products
Situation
Cisco has discovered and patched numerous vulnerabilities in several products: 5000 Series Enterprise Network Compute System (ENCS) Platforms, UCS C-Series Rack Servers in standalone mode, UCS E-Series Servers, UCS S-Series Servers in standalone mode, REST API of Cisco IoT Field Network Director (FND), Cisco AsyncOS for the Secure Web Appliance.
Problem
Cisco has found numerous newly discovered vulnerabilities across its products and has issued patches. Unpatched systems are exposed to a multitude of vulnerabilities that could allow attackers to escalate privileges, perform information-gathering attacks, execute arbitrary code with root privileges as an unauthenticated remote attacker, and gain complete control of compromised systems.
Implication
Failure to patch systems could result in loss of control of affected systems and possible compromise of system and network integrity.
Need
Cisco advises patching the software and hardware to the most recent security update. There are several security updates, so please follow the Cisco technical links provided to ensure all necessary systems are patched.
For a brief overview:
For a more detailed overview:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-BCK-GHkPNZ5F
________________________________
Beware of Holiday Online Shopping Scams
Situation
With more commerce occurring online this year due to the COVID-19 outbreak, and with the holiday season upon us, the Cybersecurity and Infrastructure Security Agency (CISA) reminds shoppers to be vigilant of potential holiday scams.
Problem
Holiday online shoppers should be vigilant for fraudulent sites spoofing reputable businesses, phishing emails, social media posts, and unencrypted financial transactions.
Implication
If an attacker successfully tricks a user with a scam, it could result in the attacker stealing money and/or personal information.
Need
It is recommended to review CISA's online holiday shopping advisory.
For a brief overview:
https://us-cert.cisa.gov/ncas/current-activity/2020/11/24/online-holiday-shopping-scams