ÐÅÏ¢°²È«Öܱ¨-2021ÄêµÚ22ÖÜ

°ä²¼¹¦·ò 2021-05-31

> ±¾Öܰ²È«Ì¬ÊÆ×ÛÊö


2021Äê05ÔÂ24ÈÕÖÁ05ÔÂ30ÈÕ¹²ÊÕ¼°²È«·ì϶62¸ö £¬ÖµµÃ¹Ø×¢µÄÊÇApple Safari CVE-2021-30749ÄÚ´æÃýÎóÒýÓôúÂëÖ´Ðзì϶£»Google Chrome CVE-2021-30521 Autofill¶ÑÒç¶Âí½Å£»MesaLabs AmegaViewĬÈÏCOOKIEÑéÖ¤ÈÆ¹ý·ì϶£»CommScope Ruckus IoT ControllerÓ²±àÂëAPIÃÜÔ¿·ì϶£»IBM WebSphere Exteme Scale apache synapse´úÂëÖ´Ðзì϶ ¡£


±¾ÖÜÖµµÃ¹Ø×¢µÄÍøÂ簲ȫÊÂÎñÊǵçÉÌÆ½Ì¨Mercari³ÆÆäÊܵ½Codecov¹©¸øÁ´¹¥»÷Ó°Ï죻Unit 42°ä²¼ÓйØÀÕË÷Èí¼þ¹¥»÷»î¶¯µÄ·ÖÎö»ã±¨£»Apple°ä²¼°²È«¸üР£¬½¨¸´3¸öÒѱ»ÔÚÒ°ÀûÓõÄ0day£»×êÑÐÈËÔ±³ÆWindows IIS·þÎñÆ÷Öеķì϶¿ÉÓ°ÏìWinRM£»VMware°ä²¼°²È«¸üР£¬½¨¸´vCenterÖÐÑϳÁµÄRCE·ì϶ ¡£


ƾ¾ÝÒÔÉÏ×ÛÊö £¬±¾Öܰ²È«ÍþвΪÖÐ ¡£


> ³ÁÒª°²È«·ì϶Áбí


1.Apple Safari CVE-2021-30749ÄÚ´æÃýÎóÒýÓôúÂëÖ´Ðзì϶


Apple Safari´æÔÚÄÚ´æ·ÛËé·ì϶ £¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄWEBÒªÇó £¬ÓÕʹÓû§½âÎö £¬¿É¶ÔÀûÓ÷¨Ê½½øÐлؾø·þÎñ¹¥»÷»òÕßÒÔÀûÓ÷¨Ê½¸ßµÍÎÄÖ´ÐÐËÁÒâ´úÂë ¡£

https://support.apple.com/en-us/HT212529


2.Google Chrome CVE-2021-30521 Autofill¶ÑÒç¶Âí½Å


Google Chrome Autofill´æÔÚ¶ÑÒç¶Âí½Å £¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄWEBÒªÇó £¬ÓÕʹÓû§½âÎö £¬Äܹ»ÀûÓ÷¨Ê½¸ßµÍÎÄÖ´ÐÐËÁÒâ´úÂë»ò¶ÔÀûÓ÷¨Ê½½øÐлؾø·þÎñ¹¥»÷ ¡£

https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html


3.MesaLabs AmegaViewĬÈÏCOOKIEÑéÖ¤ÈÆ¹ý·ì϶


MesaLabs AmegaView´æÔÚĬÈÏCOOKIE·ì϶ £¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬¿ÉδÊÚȨ½Ó¼ûÀûÓà ¡£

https://us-cert.cisa.gov/ics/advisories/icsa-21-147-03


4.CommScope Ruckus IoT ControllerÓ²±àÂëAPIÃÜÔ¿·ì϶


CommScope Ruckus IoT Controller OVAÓ³ÏñÎļþ´æÔÚAPIÃÜÔ¿·ì϶ £¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬¿Éͨ¹ýAPIÖ´ÐйҽÓÎļþϵͳ ¡£

https://packetstormsecurity.com/files/162843/CommScope-Ruckus-IoT-Controller-1.7.1.0-Hard-Coded-API-Keys-Exposed.html


5.IBM WebSphere Exteme Scale apache synapse´úÂëÖ´Ðзì϶


IBM WebSphere Exteme Scale apache synapseÐòÁл¯¶ÔÏó´æÔÚ°²È«·ì϶ £¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÀûÓ÷ì϶Ìá½»ÌØÊâµÄÒªÇó £¬Äܹ»ÀûÓ÷¨Ê½¸ßµÍÎÄÖ´ÐÐËÁÒâ´úÂë ¡£

https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-websphere-extreme-scale-liberty-deployment/


> ³ÁÒª°²È«ÊÂÎñ×ÛÊö


1¡¢µçÉÌÆ½Ì¨Mercari³ÆÆäÊܵ½Codecov¹©¸øÁ´¹¥»÷Ó°Ïì


1.jpg


µçÉÌÆ½Ì¨Mercari³ÆÆäÊܵ½Codecov¹©¸øÁ´¹¥»÷µÄÓ°Ïì £¬´óÁ¿¿Í»§ÐÅϢй¶ ¡£MercariÊÇÒ»¼ÒÈÕ±¾ÉÏÊй«Ë¾ £¬½ØÖÁ2017Äê £¬ÆäÀûÓ÷¨Ê½ÔÚÈ«ÇòµÄÏÂÔØÁ¿Òѳ¬¹ý1ÒÚ´Î ¡£Õâ´ÎÊÂÎñй¶ÁË17085ÌõÉæ¼°¿Í»§ÕÊ»§µÄÐÅÏ¢ £¬Ô̺¬ÒøÐдúÂë¡¢·ÖÐдúÂë¡¢ÕʺźͳÖÓÐÈ˵È£»7966ÌõMercariºÍMerpayºÏ×÷ͬ°éµÄÐÅÏ¢ £¬Ô̺¬ÐÕÃû¡¢µ®ÉúÈÕÆÚ¡¢´ÓÊô¹ØÏµºÍÓʼþµØÖ·µÈ£»ÒÔ¼°2615ÌõÔ±¹¤ÐÅÏ¢µÈ ¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/e-commerce-giant-suffers-major-data-breach-in-codecov-incident/


2¡¢Unit 42°ä²¼ÓйØÀÕË÷Èí¼þ¹¥»÷»î¶¯µÄ·ÖÎö»ã±¨


2.jpg


Unit 42°ä²¼ÁËÓйØÀÕË÷Èí¼þ¹¥»÷»î¶¯µÄ·ÖÎö»ã±¨ ¡£»ã±¨Ö¸³ö £¬ÔÚ´ÓǰµÄ¼¸ÄêÖÐ £¬ÀÕË÷¹¥»÷»î¶¯µÄÊýÁ¿¼±¾çÉÏÉý ¡£2020ÄêÖ§¸¶µÄ¾ùÔÈÊê½ð³¬¹ý31.2ÍòÃÀÔª £¬±È2019ÄêÔö³¤ÁË171£¥ £¬µ½Ä¿Ç°ÎªÖ¹ £¬ÕâÒ»Êý×ÖÓÖÔö³¤Á˽üÁ½±¶ £¬´ïµ½85ÍòÃÀÔª ¡£¶ø¶ÔÓÚ´óÐÍÆóÒµ £¬Êê½ð½ð¶î¾ùÔÈ¿¿½ü300ÍòÃÀÔª ¡£È¥Äê×î¸ßµÄÊê½ð½ð¶î´Ó1500ÍòÃÀÔªÔö³¤µ½3000ÍòÃÀÔª £¬¶ø½ñÄêÔò¸ß´ï5000ÍòÃÀÔª ¡£


Ô­ÎÄÁ´½Ó£º

https://unit42.paloaltonetworks.com/breaking-down-ransomware-attacks/


3¡¢Apple°ä²¼°²È«¸üР£¬½¨¸´3¸öÒѱ»ÔÚÒ°ÀûÓõÄ0day


3.jpg


Æ»¹ûÒѾ­°ä²¼Á˰²È«¸üР£¬½¨²¹3¸öÒѱ»ÔÚÒ°ÀûÓõÄmacOSºÍtvOS 0day ¡£ÆäÖеÄÁ½¸öÊÇÄÚ´æ°Ü»µ·ì϶£¨CVE-2021-30663ºÍCVE-2021-30665£© £¬Ó°ÏìÁËApple TV 4KºÍApple TV HDÉ豸 ¡£µÚÈý¸öÊÇTCC¿ò¼ÜÖеÄÌáȨ·ì϶ £¬Ó°ÏìÁËmacOS Big SurÉ豸 £¬ÏÖÒѱ»XCSSET¶ñÒâÈí¼þÓÃÀ´ÈƹýmacOSÒþÖÔ±£»¤ ¡£±¾Ô³õ £¬Apple»¹½¨¸´ÁËWebkitÒýÇæÖеÄÁ½¸öiOS 0day ¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/apple-fixes-three-zero-days-one-abused-by-xcsset-macos-malware/


4¡¢×êÑÐÈËÔ±³ÆWindows IIS·þÎñÆ÷Öеķì϶¿ÉÓ°ÏìWinRM


4.jpg


×êÑÐÈËÔ±im DeVries³ÆWindows IIS·þÎñÆ÷Öеķì϶¿ÉÓ°ÏìWinRM ¡£¸Ã·ì϶ÊÇWindows IIS·þÎñÆ÷ʹÓõÄHTTPºÍ̸ջ£¨http.sys£©ÖеÄÔ¶³ÌÖ´ÐдúÂë·ì϶ £¬±»×·×ÙΪCVE-2021-31166 £¬ÒÑͨ¹ýMicrosoft°ä²¼µÄ5Ô·ݰ²È«¸üн¨¸´ ¡£ÉÏÖÜÄ© £¬Axel Souchet°ä²¼Á˸÷ì϶µÄPoC £¬¿ÉÀûÓÃÌØÔìµÄÊý¾Ý°üµ¼ÖÂÀ¶ÆÁËÀ»ú ¡£µ«ÊÇ £¬Jim DeVries·¢ÏÖËü»¹»áÓ°ÏìÔËÐÐÁËWinRM·þÎñ£¨WindowsÔ¶³ÌÖÎÀí£©µÄWindows 10ϵͳºÍ·þÎñÆ÷ ¡£Will Dormann³Æ £¬Óг¬¹ý200Íò¸öWinRM·þÎñ¶³öµÄWindowsϵͳÄܹ»Í¨¹ýInternet½Ó¼û ¡£


Ô­ÎÄÁ´½Ó£º

https://securityaffairs.co/wordpress/118189/security/cve-2021-31166-windows-http-flaw.html


5¡¢VMware°ä²¼°²È«¸üР£¬½¨¸´vCenterÖÐÑϳÁµÄRCE·ì϶


5.jpg


VMware°ä²¼°²È«¸üР£¬½¨¸´vCenterÖÐÑϳÁµÄÔ¶³Ì´úÂëÖ´ÐУ¨RCE£©·ì϶ ¡£¸Ã·ì϶±»×·×ÙΪCVE-2021-21985 £¬CVSSv3ÆÀ·ÖΪ9.8 £¬Ó°ÏìÁËvCenter Server 6.5¡¢6.7ºÍ7.0 ¡£·ì϶ÊÇÓÉÓÚVirtual SANÔËÐÐÇé¿ö²é³­²å¼þÖжÌȱÊäÈëÑéÖ¤µ¼ÖµÄ £¬ÓµÓÐ443¶Ë¿Ú½Ó¼ûȨµÄ¹¥»÷ÕßÄܹ»ÀûÓÃÆäÖ´ÐÐËÁÒâºÅÁî ¡£VMware³Æ £¬ËùÓÐvCenter Server £¬ÎÞÂÛÆäÊÇ·ñʹÓÃvSAN £¬¶¼Ä¬ÈÏÆôÓÃÁËVirtual SANÔËÐÐÇé¿ö²é³­²å¼þ ¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/vmware-warns-of-critical-bug-affecting-all-vcenter-server-installs/