REDLEGG BLOG

Emergency Vulnerability Bulletin - 12/13/22

12/13/22 4:45 PM  |  by RedLegg Blog

About:
RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation action.

RedLegg will include a brief description of the vulnerability, whether or not an active exploit or POC exists, and a link to an update, if one exists. If no update exists, there will be remediation or mitigation suggestions to limit each vulnerability's risk.

VULNERABILITIES

Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

Identifier: CVE-2022-27518
Exploit or POC: Yes (Actively Being Exploited)
Update: https://support.citrix.com/article/CTX474995/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518

Description: CVE-2022-27518 allows an attacker to remotely execute arbitrary code and gain control of affected devices. Successful exploitation does not require the attacker to be authenticated.

Mitigation recommendation: Patching is currently the only method of mitigation.
RedLegg Action: None at this time.

Windows SmartScreen Security Feature Bypass Vulnerability

Identifier: CVE-2022-44698
Exploit or POC: Yes (Actively Being Exploited)
Update: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-44698

Description: CVE-2022-44698 allows an attacker to bypass a Windows SmartScreen security feature. Successful exploitation requires user interaction. An attacker can craft a malicious file that circumvents the Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features.

Mitigation recommendation: Patching is currently the only method of mitigation.
RedLegg Action: None at this time.