Netizen: October Vulnerability Review

Security vulnerabilities are a routine part of managing any business’s organizational security. Prompt patching and remediation of newly disclosed vulnerabilities is critical to reducing the external attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from September that should be patched or otherwise addressed immediately if present in your environment. Detailed writeups follow:

CVE-2022-33891:

Apache Spark Vulnerability. This vulnerability has a NIST CVSSv3 base score of 8.8/10, and proof-of-concept exploits for the shell command injection are publicly available on GitHub (https://github.com/HuskyHacks/cve-2022-33891 and https://github.com/west-wind/CVE-2022-33891). It affects Apache Spark versions 3.0.3 and earlier, 3.1.1 – 3.1.2, and 3.2.0 – 3.2.1. Apache Spark, an open-source processing engine for big-data workloads, can be configured to enforce ACLs (Access Control Lists). If that feature is enabled, an attacker can impersonate an arbitrary username of their choosing. The permission check for that username builds and executes a Unix shell command from the attacker’s input, so a crafted username lets the attacker run shell commands of their own.
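As an added illustration (not Apache Spark’s code and not part of the Netizen writeup), the following Python models the pattern described above: a permission check that looks up a user’s groups by splicing the username into a shell command, shown beside a hardened version that validates the username and never invokes a shell. The real group lookup is stood in for by `echo` so the demonstration is harmless; the function names and the username allowlist are assumptions, not anything from Spark.

```python
import re
import subprocess

# Illustrative example, not Apache Spark's code. The group lookup the
# permission check would perform is replaced by `echo`, so the commands
# below are harmless; only the injection pattern is being demonstrated.

# Assumed allowlist for usernames: letters, digits, '_', '.', '-', max 64 chars.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")


def vulnerable_group_lookup(username: str) -> str:
    """Weak form: the username is interpolated into a shell command string.

    Characters the shell treats specially (';', '|', '$(...)') inside the
    username become part of the command, which is the shell command
    injection pattern the CVE-2022-33891 writeup describes.
    """
    cmd = f"echo groups-for {username}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout.strip()


def hardened_group_lookup(username: str) -> str:
    """Hardened form: reject anything outside a strict allowlist and pass the
    username as a single argv element with no shell involved, so shell
    metacharacters are inert even if validation were ever bypassed.
    """
    if not USERNAME_RE.fullmatch(username):
        raise ValueError(f"rejected username: {username!r}")
    out = subprocess.run(["echo", "groups-for", username],
                         capture_output=True, text=True, check=True)
    return out.stdout.strip()


def demo() -> dict:
    """Run both forms against a benign and a crafted username and report."""
    benign = "alice"
    crafted = "alice; echo INJECTED"   # constructed malicious input
    results = {
        "vulnerable_benign": vulnerable_group_lookup(benign),
        "vulnerable_crafted": vulnerable_group_lookup(crafted),
        "hardened_benign": hardened_group_lookup(benign),
    }
    try:
        hardened_group_lookup(crafted)
        results["hardened_crafted"] = "accepted"
    except ValueError:
        results["hardened_crafted"] = "rejected"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Running it shows the crafted username producing an extra `INJECTED` line from the weak form, while the hardened form rejects the same input before any process is started. The allowlist is the first line of defence; passing the username as its own argv element is what actually removes the shell from the picture.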

CVE-2021-30551:

Google Chrome Zero-Day Vulnerability. This vulnerability has a NIST CVSSv3 base score of 8.8/10 and is known to be exploited in the wild. It affects Google Chrome versions prior to 91.0.4472.101 on Windows, Mac, and Linux. An attacker can craft a special HTML page that triggers heap corruption (mishandling of memory in software), such as a buffer overflow, leading to RCE (Remote Code Execution) and control of the system.

CVE-2022-35823:

Microsoft SharePoint Remote Code Execution Vulnerability. This vulnerability has a NIST CVSSv3 base score of 8.8/10 and has been reported as exploited in the wild. The affected Microsoft products are SharePoint Enterprise Server, SharePoint Server, SharePoint Server Subscription Edition and SharePoint Foundation. The attack complexity is rated low, and the impact on confidentiality and integrity is high. The vulnerability allows an attacker to perform RCE (Remote Code Execution), running code of their choosing on targeted business systems and gaining access to sensitive business information.

CVE-2022-22026:

Windows CSRSS (Client Server Run-Time Subsystem) Elevation of Privilege Vulnerability. This vulnerability has a NIST CSVSSv3 base score of 8.8/10. An unspecified function of the CSRSS component is reported not to check privileges adequately, which can hand unintended control to the attacker. The attack complexity is rated low, and the impact on confidentiality and integrity is high.

CVE-2021-44224:

Apache HTTP Server Vulnerability. This vulnerability has a NIST CVSSv3 base score of 8.2/10 and affects HTTP Server versions 2.4.7 – 2.4.51. A specially crafted URI (Uniform Resource Identifier) sent to the server while it is acting as a forward proxy can crash the server or enable SSRF (Server-Side Request Forgery), giving the attacker the ability to access or modify resources. The result can be DoS (Denial of Service) or a compromise of data confidentiality.
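Two quick defender-side checks follow as an added example (not part of the Netizen post and not Apache project code). The first tests whether a reported httpd version falls inside the range the writeup lists as affected (2.4.7 through 2.4.51). The second scans access-log lines in Apache’s standard combined format for requests whose target is an absolute URI (`GET http://host/path HTTP/1.1`), which is how a client asks httpd to act as a forward proxy; since the writeup says the crafted URI has to reach the server in that role, knowing whether such requests arrive at all is useful triage. The sample log lines are constructed, and the function names are assumptions.

```python
import re
from typing import List, Tuple

# Added example, not Apache project code. Version bounds are the affected
# range given in the writeup: 2.4.7 through 2.4.51 inclusive.
AFFECTED_LOW = (2, 4, 7)
AFFECTED_HIGH = (2, 4, 51)


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a string like '2.4.51' into (2, 4, 51); raise on anything else."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised httpd version: {version!r}")
    return tuple(int(p) for p in parts)


def version_in_affected_range(version: str) -> bool:
    """True if the version lies within the range listed as affected."""
    return AFFECTED_LOW <= parse_version(version) <= AFFECTED_HIGH


# Apache "combined" log format:
#   host ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+)'
)

# Absolute-form request target (METHOD scheme://... HTTP/x.y), i.e. the
# client is asking this server to proxy the request onward.
ABSOLUTE_TARGET_RE = re.compile(r'^[A-Z]+ [a-z][a-z0-9+.-]*://\S+ HTTP/\d\.\d$')


def find_forward_proxy_requests(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Return (client, request line, status) for every log line whose request
    target is an absolute URI. Lines not in combined format are skipped."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        req = m.group("request")
        if ABSOLUTE_TARGET_RE.match(req):
            hits.append((m.group("host"), req, m.group("status")))
    return hits


# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Oct/2022:09:14:02 +0000] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [12/Oct/2022:09:14:07 +0000] "GET http://internal.example/admin HTTP/1.1" 502 321 "-" "curl/7.79"',
    '10.0.0.7 - - [12/Oct/2022:09:15:00 +0000] "POST /api/login HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    'garbage line that is not a log entry',
]


if __name__ == "__main__":
    for v in ("2.4.6", "2.4.7", "2.4.51", "2.4.52"):
        print(f"httpd {v}: {'AFFECTED' if version_in_affected_range(v) else 'not in range'}")
    for client, req, status in find_forward_proxy_requests(SAMPLE_LOG):
        print(f"forward-proxy request from {client}: {req!r} -> {status}")
```

A hit from the log scan does not by itself mean exploitation; it means the server received a proxy-form request, which is worth reconciling against whether forward proxying is intended on that host at all, and against the version check for the patch decision.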

Conclusion:

Software vulnerabilities are a constant nuisance for IT and security teams everywhere. Organizations that prioritize remediating and patching them will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.

How Can Netizen Help?

Netizen ensures that security gets built in rather than bolted on. We provide advanced solutions to protect critical IT infrastructure, such as our popular “CISO-as-a-Service”, through which companies can leverage the expertise of executive-level cybersecurity professionals without bearing the cost of employing them full time.

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans. 

Questions or concerns? Feel free to reach out to us any time – https://www.netizen.net/contact
