The post WordPress Ultimate Member Plugin Vulnerability Can Lead to Three Severe Exploits appeared first on CISO MAG | Cyber Security Magazine.
Ultimate Member is a WordPress plugin that provides support for creating websites and enhances user registration and account control on WordPress sites.
According to Wordfence’s researchers, the vulnerabilities exist in three forms: user registration, user login, and user profile management.
“These vulnerabilities are considered very critical as it makes it possible for originally unauthenticated users to easily escalate their privileges to those of an administrator. Once an attacker has administrative access to a WordPress site, they have effectively taken over the entire site and can perform any action, from taking the site offline to further infecting the site with malware,” Wordfence said.
“Attackers could enumerate the current custom Ultimate Members roles and supply a higher privileged role while registering in the role parameter. Also, an attacker could supply a specific capability and then use that to switch to another user account with elevated privileges,” Wordfence added.
In a similar discovery, Wordfence found a vulnerability in the File Manager plugin, which has over 700,000 active installations, that could allow threat actors to execute commands and upload malicious files on a target site. File Manager is a plugin intended to help WordPress admins manage files on their websites.
The post Patch Now! Hackers Exploiting Cisco’s ASA/FTD Software to Steal Data appeared first on CISO MAG | Cyber Security Magazine.
“An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device,” Cisco said.
The vulnerability affects Cisco products running a vulnerable release of Cisco ASA Software or Cisco FTD Software with a vulnerable AnyConnect or WebVPN configuration. The company also confirmed that this vulnerability does not affect Cisco Firepower Management Center (FMC) Software and cannot be used to obtain access to ASA or FTD system files or underlying operating system files. The company has released software updates to fix the vulnerability.
“The attacker can view files within the web services file system only. The web services file system is enabled for the WebVPN and AnyConnect features outlined in the Vulnerable Products section of this advisory; therefore, this vulnerability does not apply to the ASA and FTD system files or underlying operating system (OS) files. The web services files that the attacker can view may have information such as WebVPN configuration, bookmarks, web cookies, partial web content, and HTTP URLs,” the advisory said.
Recently, an investigation report from F-Secure revealed a pair of counterfeit network switches impersonating Cisco network switches. The counterfeit devices, versions of the Cisco Catalyst 2960-X series switches, were designed to bypass authentication processes to system components. According to the investigation, the counterfeit devices did not have any backdoor functionality, but had the ability to bypass security controls. The counterfeits were physically and operationally similar to an authentic Cisco switch. Threat actors either invested heavily in imitating Cisco’s original design or had access to proprietary engineering documentation to create the fake copies, the report said.
The post 70% Of Mobile and Desktop Apps Contain Open-Source Security Flaws: Report appeared first on CISO MAG | Cyber Security Magazine.
The research examined 351,000 external libraries in 85,000 applications and found that these libraries have several security bugs. Even a single bug can affect hundreds of applications. According to the report, the majority of the open-source flaws were found in applications written in Swift, .NET, Go, and PHP. Swift, which has specialized use in the Apple ecosystem, has the highest density of flaws but a low percentage of flawed libraries in terms of volume, while .NET has the lowest percentage of flawed libraries of the four, and its library volume is more than 17 times larger than Swift’s.
Around 47% of the flawed libraries in applications are transitive, i.e., they are not pulled in directly by developers. This means that developers are introducing much more code, and often flawed code, than they might be anticipating.
Veracode also found that Go has a high percentage of libraries with flaws, but an overall low number of flaws per individual library. PHP has a higher rate of flawed libraries than Go, but more than double the density of flaws in any given library. The report also found that cross-site scripting (XSS) is the most common vulnerability category found in open-source libraries, followed by insecure deserialization (23.5%) and broken access control (20.3%).
“Prominent in almost every application today, open-source libraries allow developers to move faster by quickly adding basic functionality. In fact, it would be nearly impossible to innovate with software without these libraries. However, lack of awareness about where and how open source libraries are being used and their risk factors is a problematic practice,” the report said.
“We found insecure deserialization was a relatively rare flaw among in-house applications. Having such a high ranking when looking at libraries is troubling as this category of flaws can result in unexpected code paths being executed, which means that portions of libraries that we are not even intending to use may be inserted into the execution path of their hosting applications through use of this flaw,” the report added.