16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks
A set of 16 high-severity security flaws has been disclosed in the CODESYS V3 software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments.
The flaws, tracked from CVE-2022-47378 through CVE-2022-47393 and dubbed CoDe16, carry a CVSS score of 8.8 with the exception of CVE-2022-
The Hacker News | #1 Trusted Cybersecurity News Site
Zoom Desktop Flaws Let Attackers Launch Privilege Escalation Attacks
Zoom, a well-known video conferencing software, has patched seven vulnerabilities in its desktop and mobile applications, including a critical flaw identified as CVE-2024-24691 that affects its Windows software.
Notably, a high-severity escalation of privilege issue affecting Windows software was also fixed by the company and assigned as CVE-2024-24697.
A privilege escalation attack is an attempt to obtain unauthorized access to higher rights, permissions, privileges, or entitlements than those allocated to a particular account, user, or device. This can occur as a result of a system flaw, misconfiguration, or inadequate access controls.
CVE-2024-24691 – Improper Input Validation
With a CVSS Score of 9.6, this critical severity flaw may enable an unauthorized user to carry out an escalation of privilege via network access due to improper input validation in the Zoom Desktop Client, Zoom VDI Client, and Zoom Meeting SDK for Windows.
Affected Products:
Zoom Desktop Client for Windows before version 5.16.5
Zoom VDI Client for Windows before version 5.16.10 (excluding 5.14.14 and 5.15.12)
Zoom Rooms Client for Windows before version 5.17.0
Zoom Meeting SDK for Windows before version 5.16.5
CVE-2024-24697 – Untrusted Search Path
An untrusted search path in some Zoom 32-bit Windows clients is a high-severity vulnerability with a CVSS score of 7.2 that could enable an authorized user to carry out an escalation of privilege via local access.
Affected Products:
Zoom Desktop Client for Windows before version 5.17.0
Zoom VDI Client for Windows before version 5.17.5 (excluding 5.15.15 and 5.16.12)
Zoom Meeting SDK for Windows before version 5.17.0
Zoom Rooms Client for Windows before version 5.17.0
Zoom also addressed other significant issues, including:
CVE-2024-24690 – Improper Input Validation in Zoom Clients
CVE-2024-24699 – Business Logic Error in Zoom Clients
CVE-2024-24698 – Improper Authentication in Zoom Clients
CVE-2024-24696 – Improper Input Validation in Zoom Desktop Client, Zoom VDI Client, and Zoom Meeting SDK for Windows
CVE-2024-24695 – Improper Input Validation in Zoom Desktop Client, Zoom VDI Client, and Zoom Meeting SDK for Windows
Zoom has not disclosed that any of these vulnerabilities have been used in malicious attacks. The company advises users to update their apps to the most recent available versions as soon as possible.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
New Wi-Fi Authentication Bypass Flaw Puts Enterprise and Home Networks at Risk
Security researchers Mathy Vanhoef and Héloïse Gollier, in collaboration with VPN testing company Top10VPN, have recently uncovered several critical vulnerabilities in the Wi-Fi authentication protocols used in modern WPA2/3 networks.
The identified flaws pose a significant security risk as they could potentially enable unauthorized access to sensitive data transmitted over wireless networks and compromise the security of all connected devices.
wpa_supplicant is widely used software that supports the WPA, WPA2, and WPA3 security protocols. It is an integral part of the Android operating system and is also present in most Linux-based devices, including the ChromeOS used in Chromebooks.
iNet wireless daemon (IWD) is a wireless daemon designed by Intel for Linux-based devices. It offers a complete Wi-Fi connectivity solution, with features such as advanced roaming, WPA/WPA2 support, and power management.
Two Security Flaws
As researchers were examining the system for logical implementation flaws, they came across two distinct vulnerabilities that require immediate attention. They published a research article outlining the technical weaknesses.
CVE-2023-52160 (“Phase-2 bypass”)
A security flaw has been identified in wpa_supplicant v2.10 and earlier versions, which are widely used in Android and Linux devices.
This vulnerability can be exploited by an attacker to deceive the victim into connecting to a fake Wi-Fi network set up by the adversary. Once connected, the attacker can intercept and monitor the victim’s network traffic.
The flaw can be exploited against Wi-Fi clients that are not properly configured to verify the authentication server's certificate.
Such misconfigurations are still common in practice, particularly on devices that run ChromeOS, Linux, and Android.
CVE-2023-52161 (“4-way bypass”)
An exploitable vulnerability has been discovered in IWD v2.12 and earlier versions that allows an attacker to gain unauthorized access to a protected Wi-Fi network. Upon gaining access, the attacker can use the network as if they were a legitimate user.
An attacker can exploit the flaw in IWD (iNet Wireless Daemon) to gain unauthorized access to the network and connected devices.
This can allow the attacker to potentially launch further attacks on the network or other clients connected to it. The only prerequisite for the attack is that the Wi-Fi network in question must be using IWD.
The researchers discovered two vulnerabilities which were promptly reported to the respective vendors. The vulnerabilities have been successfully patched by the vendors.
Papercut Print Manager Flaw Let Attackers Perform Sophisticated Attacks
The PaperCutNG Mobility Print 1.0.3512 application has been found to have a cross-site request forgery vulnerability that can lead to sophisticated phishing attacks.
This vulnerability exists because the application lacks CSRF defenses such as anti-CSRF tokens, Origin header validation, same-site cookies, etc.
A Cross-Site Request Forgery (CSRF) attack causes authenticated users to send requests to Web applications that they are already authorized to access. CSRF attacks take advantage of the trust a Web application has in a verified user.
Details of the Vulnerability
The vulnerability is tracked as CVE-2023-2508 with a CVSS base score of 5.3.
According to the information shared by Fluid Attacks, an unauthenticated attacker can launch a CSRF attack against an instance administrator using the PaperCutNG Mobility Print version 1.0.3512 application to configure the client’s host.
Further, when the administrator sends the link to users so that they can set up their login information, the link actually directs them to a malicious website that impersonates the PaperCut NG login to steal their login information.
User involvement by the victim is necessary for successful exploitation. Up till now, there are no patches available for this vulnerability.
The PaperCut team has successfully addressed the vulnerability and has released version 1.0.3617 for users to update. It is highly recommended that users update to this version to ensure optimal security and protection of their system.