Vulnerability Weekly 16/5/2022

This week there were mostly updates on existing flaws - Qnap, F5 discloses vulnerabilities,

This week features Apple O/S Zero Day, Cisco, and Netgear update, Zyxel Firewall, Sonicwall Patch, Nvidia add by CISA

For the full version

Appsec

Nothing Major this week on application security or packages

INFRA/Network

Apple OS AVD

Security Apple

Patch has been released

Named CVE-2022-22675 in the AppleAVD (a kernel extension for audio and video decoding) that allows apps to execute arbitrary code with kernel privileges.

Details: https://support.apple.com/en-us/HT213220

Credit: Mickey Jin (@patch1t) of Trend Micro

The bug was reported by anonymous researchers and fixed by Apple in?macOS Big Sur 11.6.,?watchOS 8.6, and?tvOS 15.5?with improved bounds checking.

This year there have been 5 security updates on apple for more

QNAP

QNAP Has released OS Firmware for the following vulnerabilities Tracked as??

CVE-2022-23121 and others were discovered by NCC Group EDG team at Pwn2Own

The following Vulnerabilities were patched in the latest release

• CVE-2022-27588?
• CVE-2021-38693?
• CVE-2021-44051?
• CVE-2021-44052?
• CVE-2021-44053?
• CVE-2021-44054?
• CVE-2021-44055?
• CVE-2021-44056?
• CVE-2021-44057?

More details: https://www.qnap.com/en-uk/security-advisories

Affected Versions

• QTS 5.0.x and later
• QTS 4.5.4 and later
• QTS 4.3.6 and later
• QTS 4.3.4 and later
• QTS 4.3.3 and later
• QTS 4.2.6 and later
• QuTS hero h5.0.x and later
• QuTS hero h4.5.4 and later
• QuTScloud c5.0.x

Sonicwall patch

SSL Appliance SSLVPN SMA 1000 bug allows users to bypass authorization

SummaryCVSS ScoreImpacted FirmwareFixed FirmwareUnauthenticated access control bypass8.2 (High)12.4.0

12.4.112.4.1-02994Use of hard-coded cryptographic key5.7 (Medium)12.4.0

12.4.112.4.1-02994URL redirection to an untrusted site (open redirection)6.1 (Medium)12.4.0

12.4.112.4.1-02994

The security bugs impact the following?SMA 1000 Series models: 6200, 6210, 7200, 7210, 8000v (ESX, KVM, Hyper-V, AWS, Azure).

CVE-2022-22282 is the most severe as it allows unauthenticated attackers to bypass authentication.

Zyxel Firewalls

Shadowserver Foundation?reported seeing an increased attack number leveraging the?CVE-2022-30525?recently discovered

More than 20000 Zyxel firewall affected are currently on the web (shodan results) requires login

The following models are affected

Affected model

FLEX 100(W), 200, 500, 700ZLD V5.00 through ZLD V5.21

Patch 1ZLD V5.30

USG FLEX 50(W) / USG20(W)-VPNZLD V5.10 through ZLD V5.21 Patch 1ZLD V5.30

ATP series

ZLD V5.10 through ZLD V5.21

Patch 1ZLD V5.30

VPN series

ZLD V4.60 through ZLD V5.21

Patch 1ZLD V5.30

Nvidia Card

Four vulnerabilities were addressed in the latest release. Coverage R450, R470, and R510. Interestingly also covered support card with the latest release: GTX 600 and GTX 700 Kepler-series cards, whose support ended in October 2021.

• CVE-2022-28181?(CVSS v3 score: 8.5) – Out-of-bounds write in the kernel mode layer caused by a specially crafted shader sent over the network, potentially leading to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
• CVE-2022-28182?(CVSS v3 score: 8.5) – Flaw in DirectX11 user mode driver allowing an unauthorized attacker to send a specially crafted shared over the network and cause denial of service, escalation of privileges, information disclosure, and data tampering.
• CVE-2022-28183?(CVSS v3 score: 7.7) – Vulnerability in the kernel mode layer, where an unprivileged regular user can cause an out-of-bounds read, which may lead to denial of service and information disclosure.
• CVE-2022-28184?(CVSS v3 score: 7.1) – Vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a regular unprivileged user can access administrator-privileged registers, which may lead to denial of service, information disclosure, and data tampering.

For cloud vulnerability check