Known technical concerns:
Node.js has a set of built-in modules which you can use without any further installation.
So, in certain circumstances, it is bring out the security concerns.
Known vulnerability modules:
Prototype Pollution Vulnerability in cached-path-relative Package
[tianma-static] Stored xss on filename
[takeapeek] Path traversal allow to expose directory and files
SIPROTEC and SICAM – Siemens products and solutions for protection engineering, station automation, power quality, and measurement – can be connected directly and easily to MindSphere and other cloud-based platforms.
What is MindSphere?
MindSphere is an open cloud platform or “IoT operating system” developed by Siemens for applications in the context of the Internet of Things. MindSphere stores operational data and makes it accessible through digital applications to allow industrial customers to make decisions based on valuable factual information.
SICAM Q200 V2.40 firmware released with security-relevant updates
SICAM Q100 V1.30 firmware released with security-relevant updates
OpenSSL sources modified by Siemens issued on 11th Sep 2018.
However OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack (use variations in the signing algorithm recover the private key).
Above vulnerability with reference number CVE-2018-0734 announced on 30th Oct 2018.
It looks that there is a gap in between version. But it cannot confirm whether there is an impact?
Regarding to above technical details. Do you have any doubt?
Subject: VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage
VMXNET3 (VMXNET Generation 3) is a virtual network adapter designed to deliver high performance in virtual machines (VMs) running on the VMware vSphere platform.
How to enable it?
1. Power off your Virtual Appliance in the VMWare Console.
2. Right click the Virtual Appliance, go to Settings.
3. Select Network Adapter 1 and click Remove.
4. Click Add and choose Network Adapter.
5. Choose VMXNET3 under type.
The uninitialized stack memory vulnerability will be present if vmxnet3 is enabled.
In computing, an uninitialized variable is a variable that is declared but is not set to a definite known value before it is used. It will have some value, but not a predictable one. As such, it is a programming error and a common source of bugs in software.
CUJO is the most adorable home firewall on the Market. Meanwhile if a threat is detected, CUJO smart firewall will tell the cloud what it has blocked so you can receive a notification on your mobile app to confirm it.
Cujo product working with U-boot.
U-Boot is the bootloader. Meanwhile, it provides the basic infrastructure to bring up a board to a point where it can load a linux kernel and start booting the operating system.
Vulnerabilities found on U-Boot (CVE-2018-18439, CVE-2018-18440)
CVE-2018-18439: U-Boot filesystem image load buffer overflow
CVE-2018-18440: U-Boot insufficient boundary checks in filesystem image load
Observation: No technical information provided by Vendor (CUJO AI) in the moment. We keep our eye open whether a remedy will be issued by vendor soon.
Retrospective last decade, the key word so called vulnerability look like a stranger to us. But it change today. Design vulnerability, it was no doubt to say. They are the belongings of cost effective solution, market competition (short development life cycle) and satisfy human want.
Design technique – Wear leveling (also written as wear levelling) is a technique for prolonging the service life of some kinds of erasable computer storage media.
Design limitation – Wear-leveling does not guarantee that an old copy of updated data is fully removed. If the updated data is written to a new segment, old versions of data may exist in the previous segment for some time after it has been updated (until that previous segment is overwritten).
Remark: Consumer Notice regarding Samsung SSDs – https://www.samsung.com/semiconductor/minisite/ssd/support/consumer-notice/
Impact – There is possible way to allow data theft to collect and read the encrypted data through physical attack (reverse engineering). A vulnerability for hardware encryption method.
Remedy – Fully turn off BitLocker to decrypt the drive on windows OS
Linux (systemd) current status update – 7th Nov 2018
If you are the old folk. Perhaps you will familiar with (init)?
The trend is going to replace the old mechanism (init) with new one (systemd). From techincal point of view, people satisfy the techincal features of “systemd”. However they are concern that such design are all in one place (package). Even though text book mentioned in theory so called trusted kernel kernel. The overall infrastructure will be build by several components. The realistic told the world that no safe place in cyber world. If you would like to make yourself secure, it is better to get rid your electronic belongings. We all know it was not possible!
Background – What is “systemd”?
The parent of all other processes (directly or indirectly)
Which Linux brand now fully deployed with “systemd” instead of “init”?
Fedora, OpenSuSE, Arch, RHEL, CentOS, etc.
Refer attached diagram and below URL for references.
Conclusion: POSIX defined set of standards for an operating system or a program. But “systemd” not a POSIX standard. The computing system life cycle is really short today. It cannot compare with our home old day appliances.
US-CERT urge that stay alert for the former Apache Struts design weakness (CVE-2016-1000031 – Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution)
See whether does it effect cisco products?
Since this vulnerability just happened yesterday. And therefore no response from Vendor (Cisco) in the moment.
For details about this vulnerability. Please refer below URL for reference.
Status update – Cisco 7th Nov 2018 Apache Struts Commons FileUpload Library Remote Code Execution Vulnerability Affecting Cisco Products: November 2018:
A reminder to Schneider customer – official security alert!
DLL file is in SysWOW64 folder and someone places a counterfeit dll in a folder that has higher priority compared to SysWOW64 folder, the operating system will use the counterfeit dll file, as it has the same name as the DLL requested by the application. Once in memory, it can execute the malicious code contained in the file and may compromise your computer or networks.
A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when placing a specific DLL file.
Additional – Modicon M221: