Netizen: April Vulnerability Review
Security vulnerabilities are a routine part of managing any business’s security posture. Prompt patching and remediation of newly disclosed vulnerabilities is critical to reducing external attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from March that should be immediately patched or otherwise addressed if present in your environment. Detailed write-ups follow:
CVE-2022-48433 affects the popular JetBrains IntelliJ IDEA development IDE. This vulnerability has a NIST CVSSv3 base score of 7.5/10. IntelliJ ships several useful plugins that help developers build software; among them is a widely used built-in HTTP server for web development, which can potentially leak the user’s NTLM hash through the HTTP server’s API. Remediation is available via a standard software update to the latest version.
CVE-2023-26925 allows attackers to gather sensitive information from D-Link DIR-882 router devices via the syslog module. This vulnerability has a NIST CVSSv3 base score of 7.5/10. The information disclosure is made possible by sending a specially crafted HTTP request to the DIR-882 router’s ‘/messages’ route, and an unprivileged user can trigger the request. Remediation is not readily available from D-Link, so users are urged to audit DIR-882 devices and perform a risk analysis.
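Because no vendor fix is available, the practical defender’s move for the DIR-882 issue is to watch for reads of the ‘/messages’ route. The following Python script is an added example, not code from Netizen or D-Link: it parses combined-format web server access logs (the sample lines are constructed, using documentation IP ranges) and counts successful requests to a watched path per source address. It assumes the router (or a proxy in front of it) writes logs in that common format; the exact format on a real DIR-882 is not described on this page.

```python
import re
from collections import Counter

# Apache/nginx "combined" access log format; only the fields we need are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample access log (not captured from any real device).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Apr/2023:10:00:01 +0000] "GET / HTTP/1.1" 200 512
192.0.2.10 - - [01/Apr/2023:10:00:05 +0000] "GET /messages HTTP/1.1" 200 4096
198.51.100.7 - - [01/Apr/2023:10:01:00 +0000] "GET /messages?all=1 HTTP/1.1" 200 8192
198.51.100.7 - - [01/Apr/2023:10:01:02 +0000] "GET /messages HTTP/1.1" 200 8192
203.0.113.5 - - [01/Apr/2023:10:01:30 +0000] "GET /messages HTTP/1.1" 401 0
192.0.2.10 - - [01/Apr/2023:10:02:00 +0000] "POST /login HTTP/1.1" 302 0
"""


def parse_line(line):
    """Return a dict of fields for one access-log line, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_syslog_reads(log_text, watched_path="/messages"):
    """Count, per source IP, successful (2xx) requests whose path equals watched_path.

    The query string is stripped before comparison, so '/messages?all=1' is
    treated the same as '/messages'. Rejected requests (401, 403, ...) are not
    counted as disclosures, but a spike of them is still worth a look.
    """
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["target"].split("?", 1)[0]
        if path == watched_path and rec["status"].startswith("2"):
            hits[rec["ip"]] += 1
    return dict(hits)


if __name__ == "__main__":
    for ip, n in find_syslog_reads(SAMPLE_LOG).items():
        print(f"{ip}: {n} successful read(s) of /messages")
```

In practice the counts would be compared against the set of administrator workstations: any source outside that set reading the syslog route on a device that has no patch is a finding to escalate.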
CVE-2023-28731 is an unauthenticated Remote Code Execution (RCE) vulnerability present in version 8.3.0 and below of the AcyMailing Plugin for Joomla. This vulnerability has a NIST CVSSv3 base score of 9.8/10. The plugin allows unrestricted file upload in its campaign creation function. An attacker can use this file upload to place PHP code on the server, allowing remote code execution to take place. To remediate the threat posed by CVE-2023-28731, users are advised to update to a secure version of the AcyMailing Plugin.
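The root cause above is an upload handler that accepts any file. The following Python validator is an added example (not AcyMailing’s or Joomla’s code, which is PHP) of the checks such a handler should apply before storing anything: a bare file name only, an allowlisted extension checked against the file’s magic bytes, rejection of double extensions and embedded PHP tags, and a server-chosen random name. The allowlist, size limit and sample uploads are constructed for the example.

```python
import os
import secrets

# Allowlisted extensions and the magic bytes each file type must start with.
ALLOWED_MAGIC = {
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
}
# Extensions a web server might execute; rejected anywhere in the name (e.g. x.php.jpg).
SCRIPT_EXTS = {"php", "phtml", "php3", "php4", "php5", "phar", "cgi", "pl", "py", "sh"}
MAX_SIZE = 5 * 1024 * 1024  # assumed limit for this example


class UploadRejected(ValueError):
    pass


def validate_upload(filename, data):
    """Validate an upload and return the random server-side name to store it under.

    Raises UploadRejected for anything that is not a plain image file.
    """
    if not filename or os.path.basename(filename) != filename:
        raise UploadRejected("filename must not contain path components")
    if len(data) > MAX_SIZE:
        raise UploadRejected("file too large")
    parts = filename.lower().split(".")
    if len(parts) < 2:
        raise UploadRejected("missing extension")
    ext = parts[-1]
    if ext not in ALLOWED_MAGIC:
        raise UploadRejected(f"extension .{ext} not allowed")
    if any(p in SCRIPT_EXTS for p in parts[1:-1]):
        raise UploadRejected("double extension with a script type")
    if not data.startswith(ALLOWED_MAGIC[ext]):
        raise UploadRejected("content does not match the declared type")
    if b"<?php" in data or b"<?=" in data:
        raise UploadRejected("embedded PHP tag in image data")
    # Never reuse the client's name: random name, allowlisted extension only.
    return f"{secrets.token_hex(16)}.{ext}"


def is_accepted(filename, data):
    """True if validate_upload accepts the file, False if it rejects it."""
    try:
        validate_upload(filename, data)
        return True
    except UploadRejected:
        return False


def upload_outcomes():
    """Run constructed uploads through the validator; returns {name: accepted?}."""
    cases = {
        "photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 32,     # real-looking JPEG header
        "page.php": b"<?php echo 'hello'; ?>",                # script, wrong extension
        "photo.php.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 8,   # double extension
        "../../site.jpg": b"\xff\xd8\xff\xe0",                # path traversal in the name
        "fake.png": b"<?php echo 'hello'; ?>",                # PNG name, no PNG header
    }
    return {name: is_accepted(name, data) for name, data in cases.items()}


if __name__ == "__main__":
    for name, ok in upload_outcomes().items():
        print(f"{name:18} {'accepted' if ok else 'rejected'}")
```

The stored file should additionally live in a directory the web server is configured not to execute scripts from; validation of the upload and a no-execute upload directory together are what keep a file upload from becoming code execution.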
CVE-2022-45355 affects the vulnerable WordPress plugin ‘WP Pipes’ in versions less than or equal to 1.33. This vulnerability has a NIST CVSSv3 base score of 7.2/10. The WP Pipes plugin is vulnerable to a privileged SQL injection attack. This vulnerability may allow attackers to delete, modify, and view data throughout a WordPress instance’s database. To remediate CVE-2022-45355, users should update to a secure version of WP Pipes.
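To make the SQL injection concrete, the following is an added example using Python and an in-memory SQLite table (it is not WP Pipes code, and the ‘pipes’ table and its rows are constructed). It runs the same delete request through a handler that interpolates the caller’s input into the query and through one that validates the type and binds a parameter, and reports how many rows survive in each case.

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for a plugin's feed table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pipes (id INTEGER PRIMARY KEY, name TEXT NOT NULL)")
    conn.executemany("INSERT INTO pipes (name) VALUES (?)",
                     [("feed-a",), ("feed-b",), ("feed-c",)])
    conn.commit()
    return conn


def remaining(conn):
    """Number of rows still in the table."""
    return conn.execute("SELECT COUNT(*) FROM pipes").fetchone()[0]


def delete_pipe_vulnerable(conn, pipe_id):
    """Builds the statement by string interpolation: the caller's input becomes SQL."""
    conn.execute(f"DELETE FROM pipes WHERE id = {pipe_id}")
    conn.commit()
    return remaining(conn)


def delete_pipe_safe(conn, pipe_id):
    """Validates the type, then binds the value as a parameter so it can only be data."""
    try:
        pipe_id = int(pipe_id)
    except (TypeError, ValueError):
        raise ValueError("pipe id must be an integer")
    conn.execute("DELETE FROM pipes WHERE id = ?", (pipe_id,))
    conn.commit()
    return remaining(conn)


def compare(request_value):
    """Run one request value through both handlers on fresh tables.

    Returns the rows left behind by each; a ValueError from the safe handler
    counts as 'nothing deleted', which is what the caller would observe.
    """
    vulnerable_left = delete_pipe_vulnerable(make_db(), request_value)
    conn = make_db()
    try:
        safe_left = delete_pipe_safe(conn, request_value)
    except ValueError:
        safe_left = remaining(conn)
    return {"vulnerable": vulnerable_left, "safe": safe_left}


if __name__ == "__main__":
    print("legitimate id '2':", compare("2"))
    print("tampered id     :", compare("1 OR 1=1"))
```

With a legitimate id both handlers remove one row. With the tampered value, the interpolating handler turns the request into `DELETE FROM pipes WHERE id = 1 OR 1=1` and empties the table, while the parameterised handler rejects it and the data is untouched. In WordPress plugin code the equivalent is `$wpdb->prepare()` with placeholders rather than concatenating request values into the query.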
CVE-2023-28892 gives attackers an opportunity to escalate privileges on Windows systems. This vulnerability has a NIST CVSSv3 base score of 7.8/10. It affects the function in Malwarebytes AdwCleaner 8.4.0 that deletes debug logs. The path to these logs is user-controllable, which lets a non-admin user escalate privileges via a symbolic link in the file system. Remediation as of now is to remove the vulnerable software.
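The AdwCleaner bug is an instance of a general pattern: a privileged component deletes a file at a location a lower-privileged user can influence, and a planted link redirects the delete elsewhere. The Python below is an added example (not AdwCleaner code; the page’s case is Windows, while this shows the POSIX idiom) of how a privileged cleanup routine can delete a log safely: the log directory is fixed by the program rather than the user, the file name must be a single component, and the stat and unlink are done relative to an open directory descriptor without following links. The scenario in `demo()` is constructed.

```python
import os
import stat
import tempfile


class UnsafePath(Exception):
    pass


def delete_debug_log(log_dir, name):
    """Delete log_dir/name, refusing symlinks and anything that is not a plain file.

    `log_dir` must be chosen by the program, never by the user. `name` must be a
    bare file name; every operation is relative to an open descriptor for
    log_dir, so no path component can be redirected through a link.
    """
    if not name or name in (".", "..") or os.path.basename(name) != name:
        raise UnsafePath("name must be a single path component")
    dir_fd = os.open(log_dir, os.O_RDONLY | getattr(os, "O_DIRECTORY", 0))
    try:
        # lstat relative to the directory descriptor: a symlink shows up as a symlink.
        st = os.stat(name, dir_fd=dir_fd, follow_symlinks=False)
        if not stat.S_ISREG(st.st_mode):
            raise UnsafePath("refusing to delete a symlink or non-regular file")
        # unlinkat() removes the directory entry itself and never follows links.
        os.unlink(name, dir_fd=dir_fd)
    finally:
        os.close(dir_fd)


def demo():
    """Constructed scenario: one real log plus a planted link pointing outside the log dir."""
    with tempfile.TemporaryDirectory() as root:
        log_dir = os.path.join(root, "logs")
        os.mkdir(log_dir)
        protected = os.path.join(root, "important.dat")
        with open(protected, "w") as f:
            f.write("keep me")
        real_log = os.path.join(log_dir, "debug.log")
        with open(real_log, "w") as f:
            f.write("debug output")
        os.symlink(protected, os.path.join(log_dir, "planted.log"))

        out = {}
        delete_debug_log(log_dir, "debug.log")
        out["real_log_deleted"] = not os.path.lexists(real_log)
        try:
            delete_debug_log(log_dir, "planted.log")
            out["symlink_rejected"] = False
        except UnsafePath:
            out["symlink_rejected"] = True
        out["target_intact"] = os.path.exists(protected)
        try:
            delete_debug_log(log_dir, "../important.dat")
            out["traversal_rejected"] = False
        except UnsafePath:
            out["traversal_rejected"] = True
        return out


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check:20} {ok}")
```

The essential fix is the first rule in the docstring: a privileged process must not accept the path from an unprivileged user at all. The link checks are defence in depth for the case where the directory itself is writable by others.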
In conclusion, software vulnerabilities are a common nuisance to IT and security teams everywhere. Organizations that prioritize the remediation and patching of these vulnerabilities will drastically reduce their attack surface and ensure no doors into their environment are left unlocked.
How Can Netizen Help?
Netizen ensures that security gets built in, not bolted on, providing advanced solutions to protect critical IT infrastructure, such as our popular “CISO-as-a-Service”, through which companies can leverage the expertise of executive-level cybersecurity professionals without bearing the cost of employing them full time.
We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.
Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.
Netizen is an ISO 27001:2013 (Information Security Management), ISO 9001:2015, and CMMI V 2.0 Level 3 certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.
Questions or concerns? Feel free to reach out to us any time – https://www.netizen.net/contact