Tag
#git
Infiltrating other nations' telecom networks is a cornerstone of China's geopolitical strategy, and it's having the unintended consequence of driving the uptake of encrypted communications.
FCC Chairwoman Jessica Rosenworcel recommended "urgent action" to safeguard the nation's communications systems from real and present cybersecurity threats.
# CWA-2024-007

**Severity**

Medium (Moderate + Likely)[^1]

**Affected versions:**

- wasmvm >= 2.1.0, < 2.1.3
- wasmvm >= 2.0.0, < 2.0.4
- wasmvm < 1.5.5
- cosmwasm-vm >= 2.1.0, < 2.1.4
- cosmwasm-vm >= 2.0.0, < 2.0.7
- cosmwasm-vm < 1.5.8

**Patched versions:**

- wasmvm 1.5.5, 2.0.4, 2.1.3
- cosmwasm-vm 1.5.8, 2.0.7, 2.1.4

## Description of the bug

(Blank for now. We'll add more detail once chains had a chance to upgrade.)

## Patch

- 1.5: https://github.com/CosmWasm/cosmwasm/commit/16eabd681790508b13dac8e67f9e6e61045240ea
- 2.0: https://github.com/CosmWasm/cosmwasm/commit/0e70bd83119b02f99a2c0397f0913e0803750fd9
- 2.1: https://github.com/CosmWasm/cosmwasm/commit/f5bf24f3acadca2892afd58cc3ce5fdeb932d492

## Applying the patch

The patch will be shipped in releases of wasmvm. You can update more or less as follows:

1. Check the current wasmvm version: `go list -m github.com/CosmWasm/wasmvm`
2. Bump the `github.com/CosmWasm/wasmvm` dependency in your go.mod to 1.5.5, 2.0.4, 2.1....
# CWA-2024-008

**Severity**

Medium (Moderate + Likely)[^1]

**Affected versions:**

- wasmvm >= 2.1.0, < 2.1.3
- wasmvm >= 2.0.0, < 2.0.4
- wasmvm < 1.5.5
- cosmwasm-vm >= 2.1.0, < 2.1.4
- cosmwasm-vm >= 2.0.0, < 2.0.7
- cosmwasm-vm < 1.5.8

**Patched versions:**

- wasmvm 1.5.5, 2.0.4, 2.1.3
- cosmwasm-vm 1.5.8, 2.0.7, 2.1.4

## Description of the bug

(Blank for now. We'll add more detail once chains had a chance to upgrade.)

## Patch

- 1.5: https://github.com/CosmWasm/cosmwasm/commit/edcdbc520d4f5521eed42de6e2869658278e91fd
- 2.0: https://github.com/CosmWasm/cosmwasm/commit/f63429ca59eb44dd5d780c1572016581337091e4
- 2.1: https://github.com/CosmWasm/cosmwasm/commit/108e7dcbf9c21df0fa83f355ad3a7355d7f220cb

## Applying the patch

The patch will be shipped in releases of wasmvm. You can update more or less as follows:

1. Check the current wasmvm version: `go list -m github.com/CosmWasm/wasmvm`
2. Bump the `github.com/CosmWasm/wasmvm` dependency in your go.mod to 1.5.5, 2.0.4, 2.1....
# CWA-2024-009

**Severity**

Low (Marginal + Likely)[^1]

**Affected versions:**

- wasmd < 0.53.1

**Patched versions:**

- wasmd 0.53.2 (please note that wasmd 0.53.1 is broken and must not be used)

## Description of the bug

(Blank for now. We'll add more detail once chains had a chance to upgrade.)

## Mitigations

Apart from upgrading, it is recommended to **not** open the gRPC and REST APIs of _validator_ nodes to the public internet. Use isolated and resource-constrained environments for running separate public RPC nodes instead. These can then easily be thrown away and replaced with new instances in case of problems.

## Applying the patch

### Official Wasmd patch

The patch will be shipped in a wasmd release. You will also have to update `libwasmvm` if you build statically. If you already use the latest / close to latest wasmd, you can update more or less as follows:

1. Check the current wasmd version: `go list -m github.com/CosmWasm/wasmd`
2. Bump the `github.com/CosmWasm...
### Impact

An attacker can write a malicious expression that escapes the sandbox to execute arbitrary code on the system.

Example of vulnerable code:

```js
const expressions = require("angular-expressions");
const result = expressions.compile("__proto__.constructor")({}, {});
// result should be undefined, however for versions <=1.4.2, it returns an object.
```

With a more complex (undisclosed) payload, one can get full arbitrary code execution on the system.

### Patches

The problem has been patched in version 1.4.3 of angular-expressions.

### Workarounds

There is one workaround if it is not possible for you to update:

* Make sure that you use the compiled function with just one argument, i.e. this is not vulnerable: `const result = expressions.compile("__proto__.constructor")({});`. In this case you lose the locals feature, if you need it.

### Credits

Credits go to [JorianWoltjer](https://github.com/JorianWoltjer) who has found the issue and reported it to ...
SUMMARY Zimperium’s zLabs has shared its latest research with Hackread.com, ahead of its publishing on December 10. According…
The Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong…
1. EXECUTIVE SUMMARY

- CVSS v4 8.5
- ATTENTION: Low attack complexity
- Vendor: Rockwell Automation
- Equipment: Arena
- Vulnerabilities: Use After Free, Out-of-bounds Write, Improper Initialization

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could result in execution of arbitrary code.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of Arena are affected:

- Arena: Versions prior to V16.20.06

3.2 VULNERABILITY OVERVIEW

3.2.1 USE AFTER FREE CWE-416

A "use after free" code execution vulnerability exists in the affected products that could allow a threat actor to craft a DOE file and force the software to reuse a resource. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.

CVE-2024-11155 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (...
A suspected China-nexus cyber espionage group has been attributed to attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye. The intrusions took place from late June to mid-July 2024, cybersecurity companies SentinelOne SentinelLabs and Tinexta Cyber said in a joint report shared with The Hacker News, adding