US CERT Current Activity
Adobe Releases Security Updates for Multiple Products
Mar 18, 2020
Original release date: March 18, 2020Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates. Genuine Integrity Service APSB20-12 Acrobat and Reader APSB20-13 PhotoShop APSB20-14 Experience Manager APSB20-15 ColdFusion APSB20-16 Bridge APSB20-17 This product is provided subject to this Notification and this Privacy & Use policy.
VMware Releases Security Updates for Multiple Products
Mar 16, 2020
Original release date: March 16, 2020VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2020-0004 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases Out-of-Band Security Updates for SMB RCE Vulnerability
Mar 12, 2020
Original release date: March 12, 2020Microsoft has released out-of-band security updates to address a remote code execution vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources and apply the necessary updates or workarounds. • Microsoft Security Guidance for CVE-2020-0796 • Microsoft Advisory ADV200005 • CERT Coordination Center’s Vulnerability Note VU#872016 This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Server Message Block RCE Vulnerability
Mar 11, 2020
Original release date: March 11, 2020Microsoft has released a security advisory to address a remote code execution vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). A remote attacker can exploit this vulnerability to take control of an affected system. SMB is a network file-sharing protocol that allows client machines to access files on servers. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Advisory ADV200005 and the CERT Coordination Center’s Vulnerability Note VU#872016 and apply the workaround until patches are made available. This product is provided subject to this Notification and this Privacy & Use policy.
Unpatched Microsoft Exchange Servers Vulnerable to CVE-2020-0688
Mar 10, 2020
Original release date: March 10, 2020Microsoft Exchange Servers affected by a remote code execution vulnerability, known as CVE-2020-0688, continue to be an attractive target for malicious cyber actors. A remote attacker can exploit this vulnerability to take control of an affected system that is unpatched. Although Microsoft disclosed the vulnerability and provided software patches for the various affected products in February 2020, advanced persistent threat actors are targeting unpatched servers, according to recent open-source reports. The Cybersecurity and Infrastructure Security Agency (CISA) urges users and administrators review Microsoft’s Advisory and the National Security Agency’s tweet on CVE-2020-0688 for more information and apply the necessary patches as soon as possible. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases March 2020 Security Updates
Mar 10, 2020
Original release date: March 10, 2020Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s March 2020 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Intel Releases Security Updates
Mar 10, 2020
Original release date: March 10, 2020Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: Graphics Drivers Advisory INTEL-SA-00315 FPGA Programmable Acceleration Card N3000 Advisory INTEL-SA-00319 Optane DC Persistent Memory Module Management Software Advisory INTEL-SA-00326 Snoop Assisted L1D Sampling Advisory INTEL-SA-00330 Processors Load Value Injection Advisory INTEL-SA-00334 NUC Firmware Advisory INTEL-SA-00343 Max 10 FPGA Advisory INTEL-SA-00349 BlueZ Advisory INTEL-SA-00352 Smart Sound Technology Advisory INTEL-SA-00354 This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Updates for Firefox and Firefox ESR
Mar 10, 2020
Original release date: March 10, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 74 and Firefox ESR 68.6 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Zoho Releases Security Update on ManageEngine Desktop Central
Mar 6, 2020
Original release date: March 6, 2020Zoho has released a security update on a vulnerability (CVE-2020-10189) affecting ManageEngine Desktop Central build 10.0.473 and below. A remote attacker could exploit this vulnerability to take control of an affected system. ManageEngine Desktop Central is a unified endpoint management solution that helps companies, including managed service providers (MSPs), to control servers, laptops, smartphones, and tablets from a central location. The Cybersecurity and Infrastructure Security Agency encourages users and administrators to review the Zoho security update for more information and apply the patch. This product is provided subject to this Notification and this Privacy & Use policy.
Defending Against COVID-19 Cyber Scams
Mar 6, 2020
Original release date: March 6, 2020The Cybersecurity and Infrastructure Security Agency (CISA) warns individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19. CISA encourages individuals to remain vigilant and take the following precautions. Avoid clicking on links in unsolicited emails and be wary of email attachments. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information. Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19. Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information. Review CISA Insights on Risk Management for COVID-19 for more information. This product is provided subject to this Notification and this Privacy & Use policy.
NCSC Releases Advisory on Securing Internet-Connected Cameras
Mar 5, 2020
Original release date: March 5, 2020The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an advisory on securing internet-connected cameras such as smart security cameras and baby monitors. An attacker could gain access to unsecured, or poorly secured, internet-connected cameras to obtain live feeds or images. The following steps can help consumers secure their devices. Change your device’s default password, if applicable, and create a strong password. Keep software up to date. Disable the remote access feature, if unused. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC advisory for more information and refer to CISA’s Tips on Securing the Internet of Things and Home Network Security for additional ways to secure internet-connected devices. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Mar 5, 2020
Original release date: March 5, 2020Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates: Intelligent Proximity SSL Certificate Validation Vulnerability cisco-sa-proximity-ssl-cert-gBBu3RB Prime Network Registrar Cross-Site Request Forgery Vulnerability cisco-sa-cpnr-csrf-WWTrDkyL Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities cisco-sa-20200304-webex-player This product is provided subject to this Notification and this Privacy & Use policy.
Point-to-Point Protocol Daemon Vulnerability
Mar 5, 2020
Original release date: March 5, 2020The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Point-to-Point Protocol Daemon versions 2.4.2 through 2.4.8. A remote attacker can exploit this vulnerability to take control of an affected system. Point-to-Point Protocol Daemon is used to establish internet links such as those over dial-up modems, DSL connections, and Virtual Private Networks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#782301 for more information and apply the necessary patches provided by software vendors. This product is provided subject to this Notification and this Privacy & Use policy.
Social Security Administration Designates March 5 as National ‘Slam the Scam’ Day
Mar 4, 2020
Original release date: March 4, 2020In association with the Federal Trade Commission’s National Consumer Protection Week, the Social Security Administration (SSA) has designated March 5 as National “Slam the Scam” Day to educate Americans about telephone scammers impersonating government employees. These scammers aim to gain potential victims’ trust and steal their money and personally identifiable information. The Cybersecurity and Infrastructure Security Agency (CISA) reminds consumers: Government agencies will never call or text you unsolicited and demand immediate payment to avoid arrest or other legal action; Government agencies will never ask you to pay fines or fees with retail gift cards, prepaid debit cards, wire transfers, internet currency, or by mailing cash; and If you receive these calls or texts, hang up or ignore them, and talk to friends and family to make sure they do the same. CISA encourages all Americans to visit the SSA’s Slam the Scam webpage, review CISA’s Tip on Avoiding Social Engineering and Phishing Attacks, and participate in the online events scheduled throughout the day. This product is provided subject to this Notification and this Privacy & Use policy.
Google Releases Security Updates for Chrome
Mar 4, 2020
Original release date: March 4, 2020Google has released Chrome version 80.0.3987.132 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
ACSC Releases Securing Content Management Systems Guide
Mar 4, 2020
Original release date: March 4, 2020 The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide outlining strategies for identifying and minimizing risks to web servers from installed content management systems (CMS). This guidance provides effective mitigation strategies organizations can use to better protect their external-facing systems from cyber network exploitation. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review ACSC’s Securing Content Management Systems to learn how to improve CMS security. This product is provided subject to this Notification and this Privacy & Use policy.
National Consumer Protection Week
Feb 28, 2020
Original release date: February 28, 2020National Consumer Protection Week (NCPW) is March 1–7. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission (FTC) and its NCPW partners provide free resources to protect consumers from fraud, scams, and identity theft. The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review FTC’s NCPW resource page and review the following CISA tips: Protecting Your Privacy Avoiding Social Engineering and Phishing Attacks Preventing and Responding to Identity Theft This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Updates
Feb 27, 2020
Original release date: February 27, 2020Cisco has released security updates to address vulnerabilities affecting FXOS, NX-OS, and Unified Computing System (UCS) software. A remote attacker could exploit some of these vulnerabilities to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories, as well as the Cisco Event Response page, and apply the necessary updates: UCS Manager Software Local Management CLI Command Injection Vulnerability cisco-sa-20200226-ucs-cli-cmdinj Nexus 1000V Switch for VMware vSphere Secure Login Enhancements Denial of Service Vulnerability cisco-sa-20200226-nexus-1000v-dos MDS 9000 Series Multilayer Switches Denial of Service Vulnerability cisco-sa-20200226-mds-ovrld-dos FXOS and UCS Manager Software CLI Command Injection Vulnerability cisco-sa-20200226-fxos-ucs-cmdinj FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability cisco-sa-20200226-fxos-ucs-cli-cmdinj XOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability cisco-sa-20200226-fxos-nxos-cdp This product is provided subject to this Notification and this Privacy & Use policy.
New CWE List of Common Security Weaknesses
Feb 26, 2020
Original release date: February 26, 2020MITRE has released version 4.0 of the community-developed Common Weakness Enumeration (CWE) list. Previous CWE list versions describe common software security weaknesses. With version 4.0, the CWE list expands to include hardware security weaknesses. Additionally, version 4.0 simplifies the presentation of weaknesses into various views and adds a search function to enable easier navigation of the information. The Cybersecurity and Infrastructure Security Agency (CISA) sponsors MITRE’s CWE program, which is a community-based initiative. CISA welcomes new partners to the CWE program. Visit https://cwe.mitre.org to learn how to get involved. This product is provided subject to this Notification and this Privacy & Use policy.
OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability
Feb 25, 2020
Original release date: February 25, 2020OpenSMTPD has released version 6.6.4p1 to address a critical vulnerability. A remote attacker could exploit this vulnerability to take control of an affected server. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to apply the necessary update. For OpenBSD implementations, binary patches are available through syspatch; see OpenSMTPD’s Message 04888 for further instruction. For other systems, the update is available at OpenSMTPD’s GitHub release page. This product is provided subject to this Notification and this Privacy & Use policy.
