(Report ID: 201824)
Internet Threat Status
CVE Statistics
Last week we saw a slight increase in the total number of CVE ID entries.
Threat Review
New ‘Lazy FP State Restore’ Vulnerability Found in All Modern Intel CPUs
Date: 06-13-2018
Description: Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor’s speculative execution technology—like Spectre and Meltdown—and could potentially be exploited to access sensitive information, including encryption-related data.
Dixons Carphone breach: Millions of card and user data compromised
Date: 06-13-2018
Description: A prominent United Kingdom-based retailer has suffered a massive data breach in which personal and financial data of millions of customers have been compromised.
Reference: https://www.hackread.com/dixons-carphone-breach-card-user-datacompromised/
Amazon Fire TV & Fire TV Stick hit by crypto mining Android malware
Date: 06-12-2018
Description: Traditional malware aims to steal user data or keep an eye on the victim’s online activities, whereas crypto mining malware, depending on its capabilities, not only steals data but also uses the computing power (CPU) of the victim’s PC to mine cryptocurrency, slowing down its performance.
Reference: https://www.hackread.com/amazon-fire-tv-fire-tv-stick-crypto-miningandroid-
Signature Validation Bug Let Malware Bypass Several Mac Security Products
Date: 06-12-2018
Description: A years-old vulnerability has been discovered in the way several security products for Mac implement Apple’s code-signing API that could make it easier for malicious programs to bypass the security check, potentially leaving millions of Apple users vulnerable to hackers.
US debuts world’s fastest supercomputer
Date: 06-11-2018
Description: The machine can process 200,000 trillion calculations per second – or 200 petaflops. China’s Sunway TaihuLight supercomputer, until now the world’s most powerful machine, has a processing power of 93 petaflops.
Reference: https://www.bbc.com/news/technology-44439515
(Compiled by: NSFOCUS TI & Cybersecurity Lab)
Vulnerability Research
Updates of NSFOCUS’s Vulnerability Database
As of 15 June 2018, NSFOCUS’s vulnerability database contained 40,102 vulnerabilities. Of the 64 vulnerabilities newly added last week, 63 were high-risk, one was of medium severity, and none were low-risk.
Adobe Flash Player Out-of-bounds Read Vulnerability (CVE-2018-5001)
- Severity: Critical
- BID:104413
- CVE ID: CVE-2018-5001
Adobe Flash Player Integer Overflow Vulnerability (CVE-2018-5000)
- Severity: Critical
- BID:104413
- CVE ID: CVE-2018-5000
Adobe Flash Player Type Confusion Vulnerability (CVE-2018-4945)
- Severity: Critical
- BID:104413
- CVE ID: CVE-2018-4945
Adobe Flash Player Stack-based Buffer Overflow Vulnerability (CVE-2018-5002)
- Severity: Critical
- BID:104412
- CVE ID: CVE-2018-5002
Cisco Meeting Server Information Disclosure Vulnerability (CVE-2018-0263)
- Severity: Critical
- BID:104419
- CVE ID: CVE-2018-0263
Multiple Cisco Products Disk Utilization Denial of Service Vulnerability (CVE-2017-6779)
- Severity: Critical
- CVE ID: CVE-2017-6779
Cisco AppDynamics App iQ Platform SQL Injection Vulnerability (CVE-2018-0225)
- Severity: Medium
- CVE ID: CVE-2018-0225
Cisco IP Phone 6800/7800/8800 Series with Multiplatform Firmware Denial of Service Vulnerability (CVE-2018-0316)
- Severity: Critical
- CVE ID: CVE-2018-0316
Cisco IOS XE Software Remote Code Execution Vulnerability (CVE-2018-0315)
- Severity: Critical
- BID:104410
- CVE ID: CVE-2018-0315
Cisco Adaptive Security Appliance Denial of Service (CVE-2018-0296)
- Severity: Critical
- CVE ID: CVE-2018-0296
Cisco Network Services Orchestrator Arbitrary Command Execution Vulnerability (CVE-2018-0274)
- Severity: Critical
- CVE ID: CVE-2018-0274
Cisco Prime Collaboration Provisioning Access Control Bypass Vulnerability (CVE-2018-0317)
- Severity: Critical
- BID:104432
- CVE ID: CVE-2018-0317
Cisco Prime Collaboration Provisioning Unauthorized Password Reset Vulnerability (CVE-2018-0318)
- Severity: Critical
- BID:104434
- CVE ID: CVE-2018-0318
Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8110)
- Severity: Critical
- BID:104330
- CVE ID: CVE-2018-8110
Cisco Prime Collaboration Provisioning Unauthorized Password Recovery Vulnerability (CVE-2018-0319)
- Severity: Critical
- BID:104431
- CVE ID: CVE-2018-0319
Microsoft Edge Remote Memory Corruption Vulnerability (CVE-2018-8111)
- Severity: Critical
- BID:104335
- CVE ID: CVE-2018-8111
Microsoft Edge Remote Information Disclosure Vulnerability (CVE-2018-0871)
- Severity: Critical
- BID:104339
- CVE ID: CVE-2018-0871
Microsoft Remote Memory Corruption Vulnerability (CVE-2018-8236)
- Severity: Critical
- BID:104336
- CVE ID: CVE-2018-8236
Microsoft Edge Remote Information Disclosure Vulnerability (CVE-2018-8234)
- Severity: Critical
- BID:104340
- CVE ID: CVE-2018-8234
Microsoft Edge Security Bypass Vulnerability (CVE-2018-8235)
- Severity: Critical
- BID:104343
- CVE ID: CVE-2018-8235
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8267)
- Severity: Critical
- BID:104404
- CVE ID: CVE-2018-8267
Microsoft Windows DNSAPI Remote Code Execution Vulnerability (CVE-2018-8225)
- Severity: Critical
- BID:104395
- CVE ID: CVE-2018-8225
Microsoft Windows Arbitrary Code Execution Vulnerability (CVE-2018-8213)
- Severity: Critical
- BID:104406
- CVE ID: CVE-2018-8213
Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2018-8249)
- Severity: Critical
- BID:104363
- CVE ID: CVE-2018-8249
Microsoft Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8243)
- Severity: Critical
- BID:104403
- CVE ID: CVE-2018-8243
Microsoft Windows ‘HTTP.sys’ Remote Code Execution Vulnerability (CVE-2018-8231)
- Severity: Critical
- BID:104373
- CVE ID: CVE-2018-8231
Microsoft Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8229)
- Severity: Critical
- BID:104369
- CVE ID: CVE-2018-8229
Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2018-8251)
- Severity: Critical
- BID:104398
- CVE ID: CVE-2018-8251
Microsoft Windows Kernel Local Privilege Escalation Vulnerability (CVE-2018-0982)
- Severity: Critical
- BID:104382
- CVE ID: CVE-2018-0982
Microsoft Windows WebDAV Denial of Service Vulnerability (CVE-2018-8175)
- Severity: Critical
- BID:104359
- CVE ID: CVE-2018-8175
Microsoft Windows HIDParser Local Privilege Escalation Vulnerability (CVE-2018-8169)
- Severity: Critical
- BID:104356
- CVE ID: CVE-2018-8169
Microsoft Windows Cortana Local Privilege Escalation Vulnerability (CVE-2018-8140)
- Severity: Critical
- BID:104354
- CVE ID: CVE-2018-8140
Microsoft Windows Kernel Local Information Disclosure Vulnerability (CVE-2018-8121)
- Severity: Critical
- BID:104380
- CVE ID: CVE-2018-8121
Microsoft Internet Explorer Security Bypass Vulnerability (CVE-2018-8113)
- Severity: Critical
- BID:104365
- CVE ID: CVE-2018-8113
Microsoft Windows Code Integrity Module Denial of Service Vulnerability (CVE-2018-1040)
- Severity: Critical
- BID:104389
- CVE ID: CVE-2018-1040
Microsoft Windows NTFS Local Privilege Escalation Vulnerability (CVE-2018-1036)
- Severity: Critical
- BID:104360
- CVE ID: CVE-2018-1036
Microsoft Windows Desktop Bridge Local Privilege Escalation Vulnerability (CVE-2018-8208)
- Severity: Critical
- BID:104392
- CVE ID: CVE-2018-8208
Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8201)
- Severity: Critical
- BID:104331
- CVE ID: CVE-2018-8201
Microsoft Windows Kernel Local Information Disclosure Vulnerability (CVE-2018-8207)
- Severity: Critical
- BID:104379
- CVE ID: CVE-2018-8207
Microsoft Windows Local Denial of Service Vulnerability (CVE-2018-8205)
- Severity: Critical
- BID:104391
- CVE ID: CVE-2018-8205
Microsoft Windows Wireless Network Profile Local Information Disclosure Vulnerability (CVE-2018-8209)
- Severity: Critical
- BID:104393
- CVE ID: CVE-2018-8209
Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8221)
- Severity: Critical
- BID:104338
- CVE ID: CVE-2018-8221
Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8217)
- Severity: Critical
- BID:104337
- CVE ID: CVE-2018-8217
Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8216)
- Severity: Critical
- BID:104334
- CVE ID: CVE-2018-8216
Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8215)
- Severity: Critical
- BID:104333
- CVE ID: CVE-2018-8215
Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8212)
- Severity: Critical
- BID:104328
- CVE ID: CVE-2018-8212
Microsoft Windows Device Guard Local Security Bypass Vulnerability (CVE-2018-8211)
- Severity: Critical
- BID:104326
- CVE ID: CVE-2018-8211
Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-8210)
- Severity: Critical
- BID:104407
- CVE ID: CVE-2018-8210
Microsoft Windows GDI Component Information Disclosure Vulnerability (CVE-2018-8239)
- Severity: Critical
- BID:104401
- CVE ID: CVE-2018-8239
Microsoft Office Remote Privilege Escalation Vulnerability (CVE-2018-8245)
- Severity: Critical
- BID:104405
- CVE ID: CVE-2018-8245
Microsoft Outlook Remote Privilege Escalation Vulnerability (CVE-2018-8244)
- Severity: Critical
- BID:104323
- CVE ID: CVE-2018-8244
Microsoft Office Remote Privilege Escalation Vulnerability (CVE-2018-8247)
- Severity: Critical
- BID:104319
- CVE ID: CVE-2018-8247
Microsoft Windows Desktop Bridge Local Privilege Escalation Vulnerability (CVE-2018-8214)
- Severity: Critical
- BID:104394
- CVE ID: CVE-2018-8214
Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8246)
- Severity: Critical
- BID:104322
- CVE ID: CVE-2018-8246
Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8248)
- Severity: Critical
- BID:104318
- CVE ID: CVE-2018-8248
Microsoft SharePoint Server Remote Privilege Escalation Vulnerability (CVE-2018-8252)
- Severity: Critical
- BID:104317
- CVE ID: CVE-2018-8252
Microsoft SharePoint Server Remote Privilege Escalation Vulnerability (CVE-2018-8254)
- Severity: Critical
- BID:104325
- CVE ID: CVE-2018-8254
Microsoft Windows Hyper-V Code Integrity Privilege Escalation Vulnerability (CVE-2018-8219)
- Severity: Critical
- BID:104353
- CVE ID: CVE-2018-8219
Microsoft Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8227)
- Severity: Critical
- BID:104368
- CVE ID: CVE-2018-8227
Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2018-0978)
- Severity: Critical
- BID:104364
- CVE ID: CVE-2018-0978
Microsoft Windows Hyper-V Denial of Service Vulnerability (CVE-2018-8218)
- Severity: Critical
- BID:104402
- CVE ID: CVE-2018-8218
Microsoft Windows Kernel Local Privilege Escalation Vulnerability (CVE-2018-8224)
- Severity: Critical
- BID:10438
- CVE ID: CVE-2018-8224
Microsoft Windows ‘HTTP.sys’ Remote Denial of Service Vulnerability (CVE-2018-8226)
- Severity: Critical
- BID:104361
- CVE ID: CVE-2018-8226
Microsoft Windows Kernel ‘Win32k.sys’ Local Privilege Escalation Vulnerability (CVE-2018-8233)
- Severity: Critical
- BID:104383
- CVE ID: CVE-2018-8233
(Source: NSFOCUS Security Research Department & Product Groups)
Vulnerability in the Spotlight
Adobe Flash Player Remote Code Execution Vulnerability
NSFOCUS ID: 40042
CVE ID: CVE-2018-5002
Affected Versions: Adobe Flash Player <= 29.0.0.171
Comment: Flash Player is a multimedia player released by Adobe. A type confusion vulnerability was disclosed in Adobe Flash Player 29.0.0.171 and earlier versions. Attackers could exploit this vulnerability to execute arbitrary code, and attacks exploiting it have already appeared. Adobe has issued a security advisory (APSB18-19), together with corresponding patches. Users are advised to apply the patches as soon as possible.
(Source: NSFOCUS Security Research & Product Groups)