Article Details
Scrape Timestamp (UTC): 2024-01-09 09:55:11.950
Source: https://thehackernews.com/2024/01/alert-new-vulnerabilities-discovered-in.html
Original Article Text
Click to Toggle View
Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager. A security flaw has been disclosed in Kyocera's Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems. "This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to capture or relay Active Directory hashed credentials if the 'Restrict NTLM: Outgoing NTLM traffic to remote servers' security policy is not enabled," Trustwave said. Tracked as CVE-2023-50916, Kyocera, in an advisory released late last month, described it as a path traversal issue that enables an attacker to intercept and alter a local path pointing to the backup location of the database to a universal naming convention (UNC) path. This, in turn, causes the web application to attempt to authenticate the rogue UNC path, resulting in unauthorized access to clients' accounts and data theft. Furthermore, depending on the configuration of the environment, it could be exploited to pull off NTLM relay attacks. The shortcoming has been addressed in Kyocera Device Manager version 3.1.1213.0. QNAP Releases Fixes for Several Flaws The development comes as QNAP released fixes for several flaws, including high-severity vulnerabilities impacting QTS and QuTS hero, QuMagie, Netatalk and Video Station. This comprises CVE-2023-39296, a prototype pollution vulnerability that could allow remote attackers to "override existing attributes with ones that have an incompatible type, which may cause the system to crash." The shortcoming has been addressed in versions QTS 5.1.3.2578 build 20231110 and QuTS hero h5.1.3.2578 build 20231110. A brief description of the other notable flaws is as follows - While there is no evidence that the flaws have been exploited in the wild, it's recommended that users take steps to update their installations to the latest version to mitigate potential risks. The Ultimate Enterprise Browser Checklist Download a Concrete and Actionable Checklist for Finding a Browser Security Platform. Master Cloud Security - Get FREE eBook Comprehensive eBook covering cloud security across infrastructure, containers, and runtime environments for security professionals
Daily Brief Summary
A significant security flaw in Kyocera's Device Manager has been reported, allowing potential interception and manipulation of Active Directory hashed credentials.
The vulnerability, identified as CVE-2023-50916, is described as a path traversal issue enabling attackers to redirect database backup paths and achieve unauthorized access.
The vulnerability can lead to NTLM relay attacks depending on the configuration, raising concerns about data theft and compromised client accounts.
This issue has been addressed in the Kyocera Device Manager version 3.1.1213.0, marking an important security update.
QNAP also fixed several high-severity vulnerabilities, notably CVE-2023-39296, which could cause system crashes through prototype pollution.
QNAP updates addressing these vulnerabilities have been released for QTS and QuTS hero, amongst other affected software components.
Users of affected QNAP and Kyocera products are strongly advised to update to the latest software versions to safeguard against these security flaws.
Despite no current exploitation reports, timely updates are crucial to mitigate risks and ensure the security integrity of the enterprise's network systems.