A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)). The affected devices contain a hard-coded ID in the SSH `authorized_keys` configuration file. An attacker with knowledge of the corresponding private key could login to the device via SSH. Only devices with activated debug support are affected.

%PDF-1.5 %���� 53 0 obj << /Length 3294 /Filter /FlateDecode >> stream x���n�F��\_����z

CVE-2023-36380

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to `NT AUTHORITY/SYSTEM`.

%PDF-1.5 %���� 55 0 obj << /Length 2375 /Filter /FlateDecode >> stream x��Zmo�8��\_��2p��N��= ��E�6m6v�X��A��X�my-9����!)G�ׅۻڈ���q晱H�����ϓ��&2��\`24�b�mL$�&��C8γe�\*C��p����\`He�W\_����1/��$�S�l7n-���mZ\]\\�������/g�����(0D�̀�4�A�<��' ��엀D����}s�#)8����3Ⅺ�-�(��\*"1;D3��bG��GҀ���� �&�\*� � �B�W�Q)#ʎ�\\F����M \`CB����+2np�J��&K�}�O0��Eĥ��1��G�Р���4�m�oЙ��2/˼X�ab�{��0��Q2�pK�!�W΁����#��Ⓦ�c��ʢX���@�{ ��sT�i��y"!#A2�ĸ���{uq~�ϻ:"��Ļ$pr����1� ���5\]ϧ������oc+B7 v����{2Ã!eq�lm�^�iR����uRe� �ǂ��0>���&@xH�#�r�M�ʭ�\[O�\*�)}i�t�.�rV~�� ���V��4һ�~

CVE-2023-45205

A vulnerability has been identified in Simcenter Amesim (All versions < V2021.1). The affected application contains a SOAP endpoint that could allow an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process.

%PDF-1.5 %���� 54 0 obj << /Length 2772 /Filter /FlateDecode >> stream xڵZ\[s�H~���mQUԡo4�����

CVE-2023-43625

A vulnerability has been identified in Mendix Forgot Password (Mendix 10 compatible) (All versions < V5.4.0), Mendix Forgot Password (Mendix 7 compatible) (All versions < V3.7.3), Mendix Forgot Password (Mendix 8 compatible) (All versions < V4.1.3), Mendix Forgot Password (Mendix 9 compatible) (All versions < V5.4.0). Applications using the affected module are vulnerable to user enumeration due to distinguishable responses. This could allow an unauthenticated remote attacker to determine if a user is valid or not, enabling a brute force attack with valid users.

%PDF-1.5 %���� 55 0 obj << /Length 2572 /Filter /FlateDecode >> stream x��ZYs�8~����JU#7�Ծh|�<'YK��Tf��Y��({��o7J$E1tI٩JL}}�͆h����ٯ��kG�X�u4~�%�֑��(f��4��e�<\]��n��(�lV�S�,��N\_��텡o}���,��ZN7�������?ǿ�\]���}ƀ!��������4�»�"J���W7sI%���g���g4U\\+4Q<�4�1o�Kb�ܒt�Q,b�XiLYA��㠠�p����x�/S�0�esf\`b�ݼD�0b��BC0"c�&3�Pj�ܯ��>�rb@\]x��Ǣ�w�8Q�s�+�⸍w$3S��j�g�����$ϖ�1�!�r��Pl�IA��mb 1��\_���-@�o���'����>��RسP�ƶ ��$��!k0�D/��A�9�;�@�D�v΁��5ܦ�i�������qÛNa@J"�<В5�\_C�����c���Kն��XUb�%�IN��~��˓�x�����iC0��+Pd��!,崓4fZ����5qn!E�R�|=�Բ�@���р+"��ظ�7�&>��w���;H���=��b�(��-��1b���?$�ܯ���U�0��U��\*\]��\_�1���5���qY�#�뾌F~ы �����Ӑ�'�2\`���:��U����J6�% �Ķ�XZBu�����vx�W��;n^�>��w�(�xA�a�x��O �ж�����s�0q��ֹ.�bY�����{���,y�a �O��l0g�\]o3^��qʋ��n0�t7�?%�\_9Ynfa�d6\[z�GE�ZY��$�i/\`���}�;�Af�h��\_Wi��������Y6��(��.�.Bl\\�UY��uW�i�{J܍��f)���o��9}�0"����7ɃO'y��ٗ��\`�ët��Î�@�ɷ��O.ƶ�g�}�\_z�vR6�������E?V�ޏ���W�ˆ��-xl�����1r�Hh(#kc�a�R����ק����A�N|��\_R�.$�$��V��6�f�� ��J���\\8v�8�T�1��$� �O��7�>6�,�?)�\\V�w�VW���\` 쟆� h��-$\`r4t�bG�����\]�>Y�-o���+����Xh��mkG��$�!!Ax.�Bu�"?�#�˫ʅY�!>�4i����ۘ0��U���MdU#wާفO)>j�xx���^���?�s�����=g�(���e�V{&���%��\\�����o�9����/�axWs��?����\_ >�A|\]��$��������\]�u�v���f��Ȋn����A���+<���O�����5w\_��R-xr��P�\`�\_���FFQ#�u�⢯����J��@�ue�S�?�ߝ��\_5��\*�%��U sg�8�e���h�����J�&� �P���)��,�k�՛5���-1���ci ��A�)@%��0�U�W� <��N���{�U׈\*�ԩQ%�󟟃\*�%�y�ެ�}H0�2�yG��H+�!�2����dvJXٿV�H��h��)4����a�:1�D�aY�X p��\[\`�v��AB��h{��!������P�ry�s�{&aB��\`�N("��Fa��0V ��F{���b�-c;1-����'�� ����B��g��5sr�!~�~�ެ�}��'}Ԏ��;l��k���i+;t�88��{ǿ\\���C߫��x�Ԫ�x:Ӆ���\*- O�.$:t���Ҧ\*Hc�����Gq�ze\](��������+l�ތo�����\[5j�֣��j\_�+�r��B�e�\`��N�?(哢���G��d�H�gy��{�G��3��8�ઙM����k�&��u:�\[��W��Gf�"���Zh��mJ�<�A2�����L�ew��2ϻ���vߧ�9����4�FzPY��mq�����t7!��h.���W������^�\]v>����:�H�򎴤��>�������VN4(��y�M~ƀ���5+e�����O��Wm��on�M h 3�

CVE-2023-43623

By Owais Sultan
Human Mind and Attention as Clue in Penetration Testing Success Stories.
This is a post from HackRead.com Read the original post: Unveiling Vulnerabilities: Penetration Testing Services

Penetration testing is vital as it helps identify vulnerabilities in a system or network, allowing organizations to proactively strengthen their security and protect against real-world cyber threats, ultimately safeguarding sensitive data and assets.

The penetration test, or pentest, is a controlled intrusion into the software system to reveal and eliminate vulnerabilities. Nowadays, the pentest is the closest model to the **regular cyber attack** and the best means to prevent it.

The need becomes more and more crucial: the statistics of 2022 demonstrates a **40% growth** of new vulnerability number compared with 2021, 21,000 to 13,000. 21,000 vulnerabilities per year are invisible for scanners but can bring multimillion losses.

That’s why both principles of penetration testing and text cases themselves make the researchers consider the **unique vulnerabilities** as valuable precedents and analyze the pentest reports in detail.

****Company to Deal with and Its Risks****

The zero stage of the pentest is collecting a full package of background information about the reviewed company and the breach if it happened. Let’s model a regular supposed cryptocurrency company, let’s name it Ultimo Chain, which faced the exploit of the native exchange. For better illustration, Ultimo’s model combines features of several real cryptocurrencies, bridges and exchanges, **attacked in 2021-2022**. 

Ultimo relies on original blockchain encryption and never passed a test before. But penetration testing success stories teach that a middle or large company needs it crucially. The main company features and risks according to the checklist of OUR SITE experts:

*   **Industry**. As a cryptocurrency IT business, Ultimo is more interesting for cybercriminals than industrial manufacturers.

*   **Market cap**. A high-skilled intruder may consider a market leader as a beneficial target despite the complex security system. Ultimo is a medium company with a 150+ ranking on CoinMarketCap with a capitalization under $150M, so it’s a decent trophy.

*   **Original system**. Software of most middle or bigger businesses is a unique combination of apps, services, connections and client interfaces. A breach in one component may disclose others to malicious actors. Ultimo uses the original coin, stablecoin and exchange, based on their blockchain, several bridges between Ethereum and other altcoins. 

*   **Data access policies and staff instructions**. Ultimo is an open-source project, and anyone can review its codes on GitHub. The data about financial transactions are encrypted with **blockchain** and stay in secured clouds. Meanwhile, all communications and supportive information are provided by regular messengers, emails and outer storage. Ultimo has 50+ remote workers with 3 levels of access for partners, regular developers, managers and architects.

After the exploit, the exchange was robbed. Due to further investigation, a hacker took away all native stablecoins (25% of all supply) from the Ethereum pair, sold them on external DEX and covered the tracks in a crypto mixer.

****Main Sectors for Vulnerability Detecting** **

The Ultimo pentest not only aims for software and several technical supplements but also closely looks for human errors. The research has to detect:

*   data leak sources;
*   hardware malfunctions;
*   sustainability of connections;
*   system errors and wrong settings;
*   weaknesses in the code and encryption; 
*   vulnerabilities related to staff and management.

The specifics of this case study in penetration testing is that its core code is public. However, the GitHub code doesn’t include visible vulnerabilities and was excluded from possible data leak sources.

The pentest team has to pay attention to the following elements:

*   **Core software** — services and processing software on servers or in clouds, resilience to data leaks, errors and crashes during malware intrusion. 
*   **Websites** — page displaying, navigation and script procedures during DDoS attacks or corruption by malware, encryption and coding against web page data stealing, reliability of redirecting from multinational sites to local mirrors.  
*   **Networks** — reliability of connections and protocols for data transfers, vulnerabilities within local company networks and during remote access.
*   **Client apps** — options and probability of virus invasion, interface misconfigurations, vulnerabilities related to application access and cashed private data.
*   **Remote access software** — possibilities for malware intrusion in the VPNs and forging IP addresses.
*   **Wireless webs** — reliability of Internet connection software (routers, encryptors, filters).
*   **Hardware functioning (SCADA)** — reliability and risks of controlling software in sensors and transmitters. This type relates to power, temperature or pressure equipment, including one inside the servers.
*   **Human factor** — possibilities for staff, clients or partners to corrupt software or cause data leaks (management of data access levels, fishing and similar hacking techniques).

Most penetration testers are narrow but experienced specialists who analyze the separate categories of vulnerabilities. Then the team discusses the results in complex.

****Vulnerability Hunt Step-by-Step****

The professional pentest passes by a **certified methodology** in these steps:

*   Primarily scanning for common vulnerabilities with security scanners (Kali Linux and Rapid7 Nexpose).
*   Additional manual testing for original vulnerabilities.
*   Severity level attribution for vulnerabilities according to standard calculations (NVD by NIST).
*   Test exploitation, including specially written software.
*   Summarizing the research in generated (Cyver Core) and manually complemented reports.
*   Choosing ways to eliminate vulnerabilities.

Security testing professionals may also consult related sources for additional information. In the Ultimo model, the pen specialists review the exchange transaction history. The Ultimo blockchain scanner demonstrates that every recent purchase was cancelled because of a lack of validation nodes. However, after the cancellation, the exchange currency was redirected to the fraudster’s wallet instead of the exchange one.  

****How and Why to Classify Vulnerabilities****

Vulnerability detection is the first stage of penetration testing case study. The test team detects regular weaknesses with scanners to shorten the time of audit and to allow the experts to focus on manual detecting of special things.

As a result, the company Ultimo received comprehensible metrics of system weaknesses, the most severe among them relating to:

*   Possibilities for access level manipulation.
*   Sending data from the exchange to external apps.
*   Fishing probabilities on personal computers of remote workers because of unsecured messengers and storage.

During the further case study of penetration testing, the found vulnerabilities obtain a category of severity due to their danger levels and potential negative consequences:

*   **Critical** — The vulnerability is open and can be used by malicious actors at any moment. It allows the malware to run within the organization soft and needs immediate fixing.
*   **High** — The vulnerability is also available without additional conditions. It doesn’t allow changes within the company’s software, launching of malware or deleting of data. But the actor still can intercept any protected information. 
*   **Medium** — The vulnerability allows the stealing of only low-priority information and only after the actions of the medium-level specialist. The malware can’t be launched. Most of these cases are due to errors in software configurations.
*   **Low** — The vulnerability menaces with data leaks and is caused by software configuration, particularly data access levels and company data policies. Using this type of vulnerability requires social engineering and, sometimes, additional software exploits.

The analysis allows the team to qualify the Ultimo vulnerabilities as medium and low. But they seem to be the weaknesses used by the hacker.

****Harmless Exploit****

The next stage is a practical attack on the researched system but without damage. The pentest team exploit the software only after backups and by agreement with the organization. The main steps:

*   The cyber security team develops several scenarios that involve all found vulnerabilities.
*   The testing system embodies them and records all successful intrusions.
*   The reports go to the company managers with commentaries.
*   The cybersecurity team models the consequences if a malicious actor exploits the same sectors or achieves the same data.
*   The company and pen-testers evaluate the probability of each scenery and calculate possible losses.

The practical deeds adjust the theoretical results. Some vulnerabilities interfere with others and get higher severity levels. Some are offset by other program components and are considered low-risk. The practice often reveals missed weaknesses and unexpected consequences of an exploit.

The penetration testers try to recreate the scenery of the Ultimo exploit as the main one. It combines the detected vulnerabilities, social engineering and data from the blockchain scanner:

*   The tester rewrites and compiles an open-source code to get a binary file.
*   Then, the expert creates a classic fishing email trap, involving a fake Google authentication, uses saved passwords in the target’s browser and gets access to the Ultimo designer’s account at the external storage.
*   The specialist uses a popular hacking solution to get the third level of access and, as a result, reads the project manager’s database of developers’ information in the common documents.
*   With the received accesses, the tester can enter the site server (even without a proxy), replace the purchase binary file with the forged one and relaunch the exchange.

The checking transaction of a small amount shows that the exploit was successful, and the tester backed the replaced file. The used scenery allows not only stealing money but also deleting the whole exchange, source codes and all supportive materials (except backups on the staff computers). 

****Strategies and Recommendations to Overcome Security Problems****

After discussing vulnerabilities and related risks, the testers offer ways to solve them. The company compares their reliability and necessary expenses for choosing the best solutions for this penetration testing and test cases.

Additionally, the pentest team advises how to prevent similar troubles during the renovation of software and expansion of business processes. By the company’s wish, the team describes the signs of danger and general ways that can lead to it.

These are general recommendations for Ultimo, which will suit any organization:

1.  Creation of the security software list for obligatory installation by remote staff. 
2.  Using secured data rooms or similar business solutions instead of regular storage.
3.  Monitoring and notification of leading developers of all server changes.
4.  Using one-way data encryption and doubling for databases.
5.  Integration of biometric identification for the second and third security levels in storage.
6.  Registration of all involved devices by the administrator.

These steps contour the security update plan, but exact solutions must be developed for and together with an individual company only. 

****Mutual Collaboration for the Best Results****

The pen-testing team consults the researched company while implementing the offered changes. They control the quality of the work and adjust algorithms if the direct implementation faces inconvenience. 

Due to penetration testing success stories, the team and company must share clear results and control each other’s work. The **testers list all vulnerabilities**, the company notifies the testers about all implementation nuances. 

Ultimo is also recommended to pass the penetration test periodically because the company:

1.  make frequent global upgrades of both blockchain and apps;
2.  integrates new cryptocurrencies and fiat payment methods;
3.  develops apps for smart TVs and desktops.

In short, not only major leaks but any global change should be accompanied by a new professional pen test.

****Benefits for Pentested Companies****

Despite the best-quality blockchain, the modelled cryptocurrency company failed in supporting factors, especially related to data storage and human errors. Elimination of these vulnerabilities helps Ultimo to prevent:

*   data leaks;
*   new money and time losses;
*   decreasing company market value.
*   further spoiling of reputation and losing of clients;

In total, the pentest fosters Ultimo in increasing its market sustainability and advancing competitors. The costs of both pentest and improving the company’s security pay off especially quickly in the case of the trendy crypto industry.

****Pentest: Way to Forget about Intruders****

Penetration test with further upgrades is the best way to cut losses on hacks and overcome their consequences of high quality and a unique way. That’s why the results of each case study of penetration testing are so valuable.

As any modern company has a unique software complex, common solutions do not suit it. Only manual testing with a customized plan and hands-on exploit can reveal all security weaknesses. Finally, the **pentest services** are a safe and affordable way to advance the competitors and secure the company’s market future.

1.  The Most In-Demand Freelance Skills for 2023
2.  Top Certifications for Network Security Administrators
3.  We Need Smarter Smart Contracts To Prevent DeFi Hacks
4.  Penetration Testing And Their Methodology In Cybersecurity
5.  5 Proven Cyber Security Certifications That Will Boost Your Salary

Unveiling Vulnerabilities: Penetration Testing Services

Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki Block Plugin Update plugin <= 3.3 versions.

**Solution**

 No fix

No patched version available.

Found this useful? Thank Abdi Pranata for reporting this vulnerability. Buy a coffee ☕

Abdi Pranata discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Block Plugin Update Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-44261: WordPress Block Plugin Update plugin <= 3.3 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Mediavine Mediavine Control Panel plugin <= 2.10.2 versions.

**Solution**

 No fix

No patched version is available. No reply from the vendor.

Found this useful? Thank Rio Darmawan for reporting this vulnerability. Buy a coffee ☕

Rio Darmawan discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Mediavine Control Panel Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-44259: WordPress Mediavine Control Panel plugin <= 2.10.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Hometory Mang Board WP plugin <= 1.7.6 versions.

**Solution**

 No fix

No patched version is available. No reply from the vendor.

Found this useful? Thank Rio Darmawan for reporting this vulnerability. Buy a coffee ☕

Rio Darmawan discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Mang Board WP Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 1 present

 1 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-44257: WordPress Mang Board WP plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Ltd. WpCentral plugin <= 1.5.7 versions.

**Solution**

 No fix

No patched version is available. This plugin has been closed as of July 3, 2023 and is not available for download. This closure is permanent. Reason: Author Request.

Found this useful? Thank Rio Darmawan for reporting this vulnerability. Buy a coffee ☕

Rio Darmawan discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress wpCentral Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 1 present

 2 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-41854: WordPress wpCentral plugin <= 1.5.7 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions.

**Solution**

 No fix

No patched version is available.

Found this useful? Thank Rio Darmawan for reporting this vulnerability. Buy a coffee ☕

Rio Darmawan discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Order Delivery Date for WP e-Commerce Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 2 present

 0 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

Tag

#auth