Advisories & Alerts

  • [SingCERT] Alert on Microsoft JET Database Engine Vulnerabilities CVE-2018-8392 and CVE-2018-8393 24 September 2018

    Microsoft Joint Engine Technology (JET) Database Engine is the underlying component of a database on which several Microsoft products have been built. It was superseded by Microsoft Desktop Engine, and later by Structured Query Language (SQL) Server Express, but the JET Database Engine still resides within Windows operating systems.

    CVE-2018-8392 and CVE-2018-8393 Buffer Overflow Vulnerability
    Researchers from FortiGuard Labs and Zero Day Initiative discovered a buffer overflow vulnerability in the JET Database Engine, due to improper memory operations that are performed by the affected software. If successfully exploited, the vulnerability allows remote code execution on an affected system.

    Update: SingCERT was alerted to a new active phishing attack that leveraged these vulnerabilities. The attacker could exploit the vulnerabilities by means of a phishing email with an attachment, persuading email recipients to open or preview the attachment (usually an Excel file) that submits malicious input to the affected software.

  • [SingCERT] Alert on Critical Out-Of-Band Adobe Acrobat Vulnerability CVE-2018-12848 24 September 2018

    Adobe has released security updates for its Acrobat Reader and Document Cloud (DC) products to address several vulnerabilities.
    The most critical vulnerability, CVE-2018-12848, is an out-of-bounds write vulnerability with a severity rating of “critical” and could lead to arbitrary code execution.
    The other vulnerabilities (CVE-2018-12801, CVE-2018-12840, CVE-2018-12849, CVE-2018-12850, CVE-2018-12775, CVE-2018-12778), are out-of-bounds read vulnerabilities with severity ratings of “important”.

  • [SingCERT] Alert on Cisco Video Surveillance Manager Default Password Vulnerability CVE-2018-15427 24 September 2018

    Cisco Video Surveillance Manager (VSM) is a software that allows operations managers and system integrators to build customised video surveillance networks.

    Cisco has released a security patch to address a critical vulnerability found in its Cisco VSM software. This is an undocumented default system administrator account called “root”, which had an unremoved default password. A remote attacker could exploit this to gain unauthorised access into an affected system.

    This critical vulnerability has been assigned as CVE-2018-15427 with a Common Vulnerability Score System (CVSS) severity base score of 9.8 out of 10.

  • [SingCERT] Alert on Critical Microsoft Vulnerabilities CVE-2018-8440, CVE-2018-8475, CVE-2018-0965, CVE-2018-8439 & CVE-2018-8449 13 September 2018

    Microsoft has announced the release of 61 security patches to address vulnerabilities affecting its operating system and other products. 17 vulnerabilities were identified as critical and require immediate attention.

  • [SingCERT] Alert on Privilege Escalation Vulnerability in ANTlabs Internet Gateway Products 03 September 2018

    ANTlabs Pte. Ltd. is a leading Internet access solutions provider used by companies in Singapore, especially those in the hospitality and telecommunications sectors.

    On 3 Sep 2018, ANTlabs issued a security advisory to warn its customers of a privilege escalation vulnerability found in its Internet gateway products.

  • [SingCERT] Alert on Critical Apache Struts 2 Remote Code Execution vulnerability (CVE-2018-11776) 24 August 2018

    Apache Struts is a popular open-source Java-based web application framework used for developing many enterprise web applications globally.

    On 22 August 2018, Apache Software Foundation released new versions of its Apache Struts 2 framework to address a Remote Code Execution (RCE) vulnerability identified by a researcher from Semmle Security Research Team. This vulnerability (CVE-2018-11776) is critical and has a Common Vulnerability Score System (CVSS) severity base score of 9.8 out of the maximum 10.

  • [SingCERT] Alert on Vulnerability in Oracle Database Server (CVE-2018-3110) 16 August 2018

    Oracle has announced a critical patch update to address a Vulnerability (CVE-2018-3110) found in the Oracle Database Server. This flaw affects the Java Virtual Machine component.
    This vulnerability has a Common Vulnerability Score System (CVSS) severity base score of 9.9 out of 10.

  • [SingCERT] Alert on Vulnerability in Oracle WebLogic Server (CVE-2018-2893) 27 July 2018

    Oracle WebLogic Server (WLS) is a Java Enterprise Edition Application server by Oracle Corporation.

    Oracle announced a critical patch update to address a Vulnerability (CVE-2018-2893) found in its WebLogic Server after researchers reported the flaw. This flaw affects the product’s WLS Core Components subcomponent.

    This vulnerability (CVE-2018-2893) has a Common Vulnerability Score System (CVSS) severity base score of 9.8 out of the maximum 10.

  • [SingCERT] Alert on Intel Management Engine Vulnerabilities (CVE-2018-3627, CVE-2018-3628, CVE-2018-3629 & CVE-2018-3632) 26 July 2018

    Intel has issued security advisories to address vulnerabilities found in Intel Management Engine (IME). Four high-severity vulnerabilities were identified which require immediate attention.

  • Precautionary Measures to Take In View of the SingHealth Incident 20 July 2018

    SingHealth’s database containing patient personal particulars and outpatient dispensed medicines has been the target of a major cyberattack. About 1.5 million patients who visited SingHealth’s specialist outpatient clinics and polyclinics from 1 May 2015 to 4 July 2018 have had their non-medical personal particulars illegally accessed and copied. The data taken include name, NRIC number, address, gender, race and date of birth. The records were not tampered with, i.e. no records were amended or deleted.