Cybersecurity

As included in the Spotlight section of the Security & Resilience Update on Tuesday, Microsoft released a patch for CVE-2020-1350, a critical remote code execution (RCE) vulnerability dubbed SIGRed. All Windows Server versions from 2008 to the present are vulnerable. SIGRed only affects Windows DNS Servers; Windows DNS clients are not susceptible. However, SIGRed is wormable so it can be spread between vulnerable devices without user interaction.

Yesterday afternoon fake Tweets began circumnavigating the Twitter-sphere after a malicious actor presumably gained access to Twitter’s internal systems and tools. In what is believed to be a coordinated social engineering attack, several high-profile and Twitter-verified globally influential accounts tweeted fake cryptocurrency messages among millions of followers.

CISA has published an advisory on an uncontrolled resource consumption vulnerability in Siemens SIMATIC S7-200 SMART CPU family. Versions 2.2 and later, prior to v2.5.1, are affected. Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. Siemens recommends users update to v2.5.1 and limit network access to device to trusted sources. CISA also recommends a series of measures to mitigate the vulnerability.

CISA has published an advisory on out-of-bounds read, missing authentication for critical function, missing encryption of sensitive data, use of password hash with insufficient computational effort, cross-site scripting, classic buffer overflow, basic XSS, and authentication bypass by capture-replay vulnerabilities in Siemens SICAM MMU, SICAM T, and SICAM SGU. For SICAM MMU, all versions prior to 2.05 are affected. For SICAM SGU, all versions are affected. And for and SICAM T, all versions prior to 2.18 are affected.