Cisco Application Policy Infrastructure Controller and Cisco Cloud Network Controller Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-csrfv-DMx6KSwV?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20and%20Cisco%20Cloud%20Network%20Controller%20Cross-Site%20Request%20Forgery%20Vulnerability&vs_k=1

Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to insufficient user input validation by the web-based management interface of the affected software. An attacker could exploit this vulnerability by injecting arbitrary commands in the web-based management More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealth-rce-2hYb9KFK?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Secure%20Network%20Analytics%20Remote%20Code%20Execution%20Vulnerability&vs_k=1

Cisco SD-WAN vManage Software Cluster Mode Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software when it is operating in cluster mode could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-csrf-76RDbLEh?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20SD-WAN%20vManage%20Software%20Cluster%20Mode%20Cross-Site%20Request%20Forgery%20Vulnerability&vs_k=1

Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues Affecting Multiple Cisco Products

On March 27, 2023, the research paper Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues was made public. This paper discusses vulnerabilities in the 802.11 standard that could allow an attacker to spoof a targeted wireless client and redirect frames that are present in the transmit queues in an access point to an attacker-controlled device. This attack is seen as an opportunistic attack and the information gained by the attacker would be of minimal value in a securely More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-ffeb-22epcEWu?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Framing%20Frames:%20Bypassing%20Wi-Fi%20Encryption%20by%20Manipulating%20Transmit%20Queues%20Affecting%20Multiple%20Cisco%20Products&vs_k=1

VMware and Pwn2Own Vancouver 2023

Update March 23, 2023 Pwn2Own 2023 has wrapped up after a very eventful week. On the final day of the contest, STAR Labs team demonstrated an issue on VMware Workstation. We are currently investigating the issue after having received the details. We are actively working on its remediation and we plan on publishing a VMware … Continued. The post VMware and Pwn2Own Vancouver 2023 appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2023/03/vmware-and-pwn2own-vancouver-2023.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-and-pwn2own-vancouver-2023

How to Detect PoshC2 PowerShell Implants

PoshC2 is a proxy-aware cross-platform C2 framework that natively supports Docker. Once configured and executed, it generates over 100 modifications of fresh implants, written in PowerShell, C#, and Python. The framework has a modular architecture to enable users to add their own modules and tools. No wonder that nowadays PoshC2 is one of the most … Continued. The post How to Detect PoshC2 PowerShell Implants appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2023/03/how-to-detect-poshc2-powershell-implants.html?utm_source=rss&utm_medium=rss&utm_campaign=how-to-detect-poshc2-powershell-implants

Cisco IOS XE Software Privilege Escalation Vulnerability

A vulnerability in the Cloud Management for Catalyst migration feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root-level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Cisco IOS XE Meraki migration feature of an affected device. An attacker could exploit this vulnerability by modifying the Meraki registration parameters. A successful exploit could allow the attacker to elevate privileges to root. Cisco More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-sABD8hcU?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XE%20Software%20Privilege%20Escalation%20Vulnerability&vs_k=1