Two old security vulnerabilities impacting TIBCO Software's Java-based reporting and data analytics platform JasperReports are being leveraged in ongoing attacks, prompting their addition to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, reports The Hacker News.
Threat actors have been exploiting CVE-2018-5430, an information disclosure flaw patched in April 2018, to facilitate read-only access to arbitrary files.
"The impact includes the possible read-only access by authenticated users to web application configuration files that contain the credentials used by the server. Those credentials could then be used to affect external systems accessed by the JasperReports Server," said TIBCO.
Meanwhile, CVE-2018-18809, a directory traversal bug addressed in March 2019, could be abused to enable sensitive file access for web server users and eventually allow credential theft and further system infiltrations.
While no specifics have been provided by CISA regarding the ongoing attacks leveraging the flaws, federal agencies have been required to remediate both vulnerabilities by Jan. 19.
Android devices running the latest version of the operating system were found to be affected by a vulnerability that leaks DNS queries when switching VPN servers, even with the "Always-on VPN" feature and the option to block connections without VPN enabled, according to BleepingComputer.
BleepingComputer reports that online banking accounts across Finland were noted by the country's Transport and Communications Agency, or Traficom, to have been targeted by ongoing Android malware attacks.
BleepingComputer reports that numerous Android apps with over four billion downloads are susceptible to the novel Dirty Stream attack, which involves the exploitation of a flaw in Android's content provider system that could enable arbitrary code execution and secrets compromise.