HTG Threat Report

Threat Report 4/18/24

Written by Evan Kennedy | Apr 18, 2024 8:22:34 PM
A Vulnerability in Google Chrome
Could Allow for Remote Code Execution
     

Multiple vulnerabilities have been discovered in Google Chrome, which could allow for remote code execution. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.


 

Affected Systems:

  • Chrome versions prior to 124.0.6367.60/.61 for Windows and Mac 

  • Chrome versions prior to 124.0.6367.60 for Linux

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

 

Remediation Recommendations

  • Ensure all devices with Google Chrome have the latest version installed.
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References

 
Vulnerabilities in Adobe Products
Could Allow for Arbitrary Code Execution   
        

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user.  

 

Affected Systems:

  • Adobe After Effects 24.1 and earlier versions on Windows and macOS. 

  • Adobe After Effects 23.6.2 and earlier versions on Windows and macOS. 

  • Adobe Photoshop 2023 24.7.2 and earlier versions on Windows and macOS. 

  • Adobe Photoshop 2024 25.3.1 and earlier versions on Windows and macOS. 

  • Adobe Commerce 2.4.7-beta3 and earlier versions. 

  • Adobe Commerce 2.4.6-p4 and earlier versions. 

  • Adobe Commerce 2.4.5-p6 and earlier versions. 

  • Adobe Commerce 2.4.4-p7 and earlier versions. 

  • Adobe Commerce 2.4.3-ext-6 and earlier versions. 

  • Adobe Commerce 2.4.2-ext-6 and earlier versions. 

  • Adobe Commerce 2.4.1-ext-6 and earlier versions. 

  • Adobe Commerce 2.4.0-ext-6 and earlier versions. 

  • Adobe Commerce 2.3.7-p4-ext-6 and earlier versions, 

  • Adobe Commerce Magento Open Source 2.4.7-beta3 and earlier versions. 

  • Adobe Commerce Magento Open Source 2.4.6-p4 and earlier versions. 

  • Adobe Commerce Magento Open Source 2.4.5-p6 and earlier versions. 

  • Adobe Commerce Magento Open Source 2.4.4-p7 and earlier versions. 

  • Adobe InDesign ID18.5.1 and earlier versions for Windows and macOS. 

  • Adobe InDesign ID19.2 and earlier versions for Windows and macOS. 

  • Adobe Experience Manager (AEM) AEM Cloud Service (CS) 

  • Adobe Experience Manager (AEM) 6.5.19 and earlier versions. 

  • Adobe Media Encoder 24.2.1 and earlier versions for Windows and macOS. 

  • Adobe Media Encoder 23.6.4 and earlier versions for Windows and macOS. 

  • Adobe Bridge 13.0.6 and earlier versions for Windows and macOS. 

  • Adobe Bridge 14.0.2 and earlier versions for Windows and macOS. 

  • Adobe Illustrator 2024 28.3 and earlier versions for Windows and macOS. 

  • Adobe Illustrator 2023 27.9.2 and earlier versions for Windows and macOS. 

  • Adobe Animate 2023 23.0.4 and earlier versions for Windows and macOS. 

  • Adobe Animate 2024 24.0.1 and earlier versions for Windows and macOS. 

 


Risk

  • Large and medium business entities: High
  • Small business entities: Medium

 

Remediation Recommendations

  • Ensure all versions of all Adobe products are updated to their latest versions 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References

 
Multiple Vulnerabilities in Mozilla Products
Could Allow for Arbitrary Code Execution
 

Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.   

  • Mozilla Firefox is a web browser used to access the Internet. 
  • Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. 
  • Mozilla Thunderbird is an email client. 

Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. 

Affected Systems:

  • Firefox ESR versions prior to 115.10
  • Thunderbird versions prior to 115.10 
  • Firefox versions prior to 125 

     

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

 

Remediation Recommendations

  • Ensure all devices running Mozilla products have the latest version(s) installed. 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References


 
Oracle Quarterly Critical Patches Issued 

 

Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.

Affected Systems:

  • Most major Oracle products including MySQL and Java SE.  
  • For a full list of affected systems, check the reference link below.

Risk

  • Large and medium business entities: High
  • Small business entities: High

 

Remediation Recommendations

  • Ensure all devices running Oracle products have the latest version(s) installed 
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References

 
A Vulnerability in PAN-OS
Could Allow for Arbitrary Code Execution  

 

A vulnerability has been discovered in PAN-OS that could allow for arbitrary code execution. PAN-OS is the software that runs all Palo Alto Networks' next-generation firewalls. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the root user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 

Affected Systems:

  • PAN-OS 11.1 versions prior to 11.1.2-h3 
  • PAN-OS 11.0 versions prior to 11.0.4-h1 
  • PAN-OS 10.2 versions prior to 10.2.9-h1 

Risk

  • Large and medium business entities: High
  • Small business entities: Medium

 

Remediation Recommendations

  • Ensure all software using PAN-OS have the latest version installed.
  • Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it) 

References