Cybersecurity

Over the past week, two supply-chain attacks have come to light. The first involves VestaCP, a control-panel interface that system administrators use to manage servers. According to security firm Eset, unknown attackers compromised VestaCP servers and used their access to make a malicious change to an installer that was available for download. “The VestaCP installation script was altered to report back generated admin credentials to vestacp.com after a successful installation,” said ESET Malware Researcher Marc-Étienne M.Léveillé.

libssh has released security updates addressing a vulnerability affecting libssh versions 0.6 and above. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the libssh Security Release for additional information and apply the necessary updates.

The NCCIC has released an advisory about authentication bypass by capture-replay, improper access control, and improper authentication vulnerabilities in GAIN Electronic Co. Ltd SAGA1-L Series. All firmware versions prior to A0.10 are affected. Successful exploitation of these vulnerabilities could allow remote code execution and potentially delete the product’s firmware. GAIN Electronic Co. Ltd has recommended that users update to firmware version A0.10. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities.

The NCCIC has released an advisory on stack-based buffer overflow, external control of file name or path, improper privilege management, and path traversal vulnerabilities in Advantech WebAccess. Versions 8.3.1 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, access files and perform actions at a privileged level, or delete files on the system. Advantech has released Version 8.3.3 of WebAccess to address the reported vulnerabilities.