all in-display fingerprint sensors – that left over a half-dozen cellphone models vulnerable to a trivial lock-screen bypass attack – has been quietly patchedVulnerability-related.PatchVulnerability. The flaw was tied to a bug in the popular in-display fingerprint reader technology used for user authentication . In-display fingerprint reader technology is widely considered an up-and-coming feature to be used in a number of flagship model phones introduced in 2019 by top OEM phone makers , according to Tencent ’ s Xuanwu Lab which is credited for first identifyingVulnerability-related.DiscoverVulnerabilitythe flaw earlier this year . “ During our research on this , we found all the in-display fingerprint sensor module suffer the same problem no matter where it was manufactured by whatever vendors , ” said Yang Yu , a researcher at Xuanwu Lab . “ This vulnerability is a design fault of in-display fingerprint sensors. ” Impacted are all phones tested in the first half of 2018 that had in-display fingerprint sensors , said Yu . That includes current models of Huawei Technologies ’ Porsche Design Mate RS and Mate 20 Pro model phones . Yu said that many more cellphone manufacturers are impactedVulnerability-related.DiscoverVulnerabilityby the issue . However , Yu would not specify other impacted vendors or models : “ Vendors differ greatly in the attitude to security issues , someone have open attitudes , like Huawei , and in contrast , some vendors strongly hope us to keep the voice down on this , ” he told Threatpost . He noted Huawei has been forthcoming , issuingVulnerability-related.PatchVulnerabilitypatches to addressVulnerability-related.PatchVulnerabilitythe issue . Other phones that use the feature include Vivo Communication Technology ’ s V11 Pro , X21 and Nex ; and OnePlus ’ 6T and Xiaomi Mi 8 Explorer Edition phones . Vivo , OnePlus and Xiaomi did not respond to requests for comment from Threatpost . In-display fingerprint readers based on optical fingerprint imaging , experts believe , will soon replace conventional authentication based on capacitance-sensor fingerprint scanners . In-display readers allow for a user to place a finger on the screen of a smartphone where a scanner from behind the display can verify a fingerprint , authenticate the user and unlock the phone . Design-wise the feature allows phones to be sleeker and less cluttered , supporting infinity displays . Usability advantages include the ability to unlock the phone simply by placing your finger on the phone ’ s screen at any angle , whether it ’ s sitting on a table or in a car mount . The vulnerability , which Huawei issuedVulnerability-related.PatchVulnerabilitya patch ( CVE-2018-7929 ) for in September , can be exploitedVulnerability-related.DiscoverVulnerabilityin a matter of seconds , researchers said . In an exclusive interview with Threatpost on the flaw Yu said all an attacker needs to carry out the attack is an opaque reflective material such as aluminum foil . By placing the reflective material over a residual fingerprint on the phone ’ s display the capacitance fingerprint imaging mechanism can be tricked into authenticating a fingerprint .
Overall , the chip giant patchedVulnerability-related.PatchVulnerabilityfive vulnerabilities across an array of its products . Intel on Tuesday patchedVulnerability-related.PatchVulnerabilitythree high-severity vulnerabilities that could allow the escalation of privileges across an array of products . Overall , the chip giant fixedVulnerability-related.PatchVulnerabilityfive bugs – three rated high-severity , and two medium-severity . The most concerning of these bugs is an escalation-of-privilege glitch in Intel ’ s PROset/Wireless Wi-Fi software , which is its wireless connection management tool . The vulnerability , CVE-2018-12177 , has a “ high ” CVSS score of 7.8 , according to Intel ’ s update . “ Intel is releasingVulnerability-related.PatchVulnerabilitysoftware updates to mitigateVulnerability-related.PatchVulnerabilitythis potential vulnerability , ” it said , urging users to updateVulnerability-related.PatchVulnerabilityto version 20.90.0.7 or later of the software . The vulnerability , reportedVulnerability-related.DiscoverVulnerabilityby Thomas Hibbert of Insomnia Security , stems from improper directory permissions plaguing the software ’ s ZeroConfig service in versions before 20.90.0.7 . The issue could allow an authorized user to potentially enable escalation of privilege via local access . The other high-severity bug exists inVulnerability-related.DiscoverVulnerabilitythe company ’ s System Support Utility for Windows , which offers support for Intel-packed Windows device users . This bug ( CVE-2019-0088 ) is due to insufficient path checking in the support utility , allowing an already-authenticated user to potentially gain escalation of privilege via local access . The vulnerability has a CVSS score of 7.5 . Versions of System Support Utility for Windows before 2.5.0.15 are impactedVulnerability-related.DiscoverVulnerability; Intel recommendsVulnerability-related.PatchVulnerabilityusers updateVulnerability-related.PatchVulnerabilityto versions 2.5.0.15 or later . Independent security researcher Alec Blance was credited with discoveringVulnerability-related.DiscoverVulnerabilitythe flaw . The chip-maker also patchedVulnerability-related.PatchVulnerabilitya high-severity and medium-severity flaw in its Software Guard Extensions ( SGX ) platform and software , which help application developers to protect select code and data from disclosure or modification . “ Multiple potential security vulnerabilities in Intel SGX SDK and Intel SGX Platform Software may allow escalation of privilege or information disclosure , ” saidVulnerability-related.DiscoverVulnerabilityIntel . The high-severity flaw in SGX ( CVE-2018-18098 ) has a CVSS score of 7.5 and could allow an attacker with local access to gain escalated privileges . The vulnerability is rooted inVulnerability-related.DiscoverVulnerabilityimproper file verification in the install routine for Intel ’ s SGX SDK and Platform Software for Windows before 2.2.100 . It was discoveredVulnerability-related.DiscoverVulnerabilityby researcher Saif Allah ben Massaoud . Another vulnerability in the platform ( CVE-2018-12155 ) is only medium in severity , but could allow an unprivileged user to cause information disclosure via local access . That ’ s due to data leakageAttack.Databreachin the cryptographic libraries of the SGX platform ’ s Integrated Performance Primitives , a function that provides developers with building blocks for image and data processing . And finally , a medium escalation of privilege vulnerability in Intel ’ s SSD data-center tool for Windows has been patchedVulnerability-related.PatchVulnerability. “ Improper directory permissions in the installer for the Intel SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access , ” saidVulnerability-related.DiscoverVulnerabilityIntel ’ s update . The company recommends users update to v3.0.17 or later . Intel ’ s patch comesVulnerability-related.PatchVulnerabilityduring a busy patch Tuesday week , which includes fixes from Adobe and Microsoft .
Last week , Intel revealedVulnerability-related.DiscoverVulnerabilitythat a serious security flaw in some of its chips left potentially thousands of devices vulnerable to attackers . Then , security researchers revealedVulnerability-related.DiscoverVulnerabilitythe problem was way worse than anyone initially thought as the vulnerability could allow attackers to remotely `` hijack '' affected machines . It 's still not clear just how many devices are impactedVulnerability-related.DiscoverVulnerabilityas Intel has't said , but some in the industry have put the number as high as 8,000 . Here 's a look at what you need to know and how to protect yourself . The vulnerability stems from something called Intel Active Management Technology , ( AMT ) , a technology that allows devices to be remotely managed to make it easier to update software and perform maintenance remotely . It 's a feature typically used by businesses that may be responsible for many devices that may not all be in the same place . Since the technology is integrated at a chip level , AMT can do a bit more than other software-enabled management tools . Using AMT 's capabilities , for instance , a system administrator could remotely access and control a computer 's mouse and keyboard , or turn on a computer that 's already been powered down . While those can be helpful capabilities for corporate IT departments to have , it 's obviously the type of access you 'd want locked down pretty tightly . And that 's just the problem . Security researchers found that AMT 's web portal can be accessed with just the user admin and literally any password or even no password at all . That 's why some have labeled it a `` hijacking '' flaw since anyone who exploits the vulnerability would be able to remotely control so many processes . Most importantly , the flaw does n't impactVulnerability-related.DiscoverVulnerabilityevery Intel chip out there . Since it 's rooted inVulnerability-related.DiscoverVulnerabilityAMT , the vulnerability primarily affectsVulnerability-related.DiscoverVulnerabilitybusinesses , though , as Intel points out , some consumers use computers made for businesses . One of the easiest ways to check if you might be affected is to check that Intel sticker that comes on so many PCs . Look for a `` VPro '' logo as that indicates the presence of AMT . Of course , looking for a sticker is hardly foolproof . Intel has also released a downloadable detections guide , which will guide you through the process of checking your machines . You can find the detection guide here . Though Intel has long supplied Apple with chips for Macs , AMT is only present on processors in Windows-based machines , so all Macs are safe from this particular exploit . If you do have a machine that 's impacted by the security flaw , you 'll need to update your firmware as soon as possible . Intel has already createdVulnerability-related.PatchVulnerabilitya patch and is now waiting on manufacturers to make it availableVulnerability-related.PatchVulnerability. Some , including Dell , Lenovo , HP , and Fujitsu , have already rolled it out . You can find links to those over on Intel 's website , which will be updatedVulnerability-related.PatchVulnerabilityas more manufacturers releaseVulnerability-related.PatchVulnerabilityupdates .
The industrial company on Tuesday releasedVulnerability-related.PatchVulnerabilitymitigations for eight vulnerabilities overall . Siemens AG on Tuesday issuedVulnerability-related.PatchVulnerabilitya slew of fixes addressingVulnerability-related.PatchVulnerabilityeight vulnerabilities spanning its industrial product lines . The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens ’ SCALANCE firewall product . The flaw could allow an attacker to gain unauthorized accessAttack.Databreachto industrial networks and ultimately put operations and production at risk . The SCALANCE S firewall is used to protect secure industrial networks from untrusted network traffic , and allows filtering incoming and outgoing network connections in different ways . Siemens S602 , S612 , S623 , S627-2M SCALANCE devices with software versions prior to V4.0.1.1 are impactedVulnerability-related.DiscoverVulnerability. Researchers with Applied Risk , who discoveredVulnerability-related.DiscoverVulnerabilitythe flaw , saidVulnerability-related.DiscoverVulnerabilitythat vulnerability exists inVulnerability-related.DiscoverVulnerabilitythe web server of the firewall software . An attacker can carry out the attack by craftingAttack.Phishinga malicious link and trickingAttack.Phishingan administrator – who is logged into the web server – to click that link . Once an admin does so , the attacker can execute commands on the web server , on the administrator ’ s behalf . “ The integrated web server allows a cross-site scripting attack if an administrator is misledAttack.Phishinginto accessing a malicious link , ” Applied Risk researcher Nelson Berg said inVulnerability-related.DiscoverVulnerabilityan analysisVulnerability-related.DiscoverVulnerabilityof the flaw . “ Successful exploitation may lead to the ability to bypass critical security measures provided by the firewall. ” Exploitation of this vulnerability could ultimately enable threat actors to bypass critical security functions provided by the firewall , potentially providing access to industrial networks and putting operations and production at risk . The vulnerability , CVE-2018-16555 , has a CVSS score which Applied Risk researcher calculatesVulnerability-related.DiscoverVulnerabilityto be 8.2 ( or high severity ) . That said , researchers saidVulnerability-related.DiscoverVulnerabilitya successful exploit is not completely seamless and takes some time and effort to carry out – for an attacker to exploit the flaw , user interaction is required and the administrator must be logged into the web interface . Researchers saidVulnerability-related.DiscoverVulnerabilitythat no exploit of the vulnerability has been discoveredVulnerability-related.DiscoverVulnerabilitythus far . Siemens addressedVulnerability-related.PatchVulnerabilitythe reported vulnerability by releasingVulnerability-related.PatchVulnerabilitya software update ( V4.0.1.1 ) and also advised customers to “ only access links from trusted sources in the browser you use to access the SCALANCE S administration website. ” The industrial company also releasedVulnerability-related.PatchVulnerabilityan array of fixes for other vulnerabilities on Tuesday . Overall , eight advisories were released by the US CERT . Another serious vulnerability ( CVE-2018-16556 ) addressedVulnerability-related.PatchVulnerabilitywas an improper input validation flaw in certain Siemens S7-400 CPUs . Successful exploitation of these vulnerabilities could crash the device being accessed which may require a manual reboot or firmware re-image to bring the system back to normal operation , according to the advisory . “ Specially crafted packets sent to Port 102/TCP via Ethernet interface , via PROFIBUS , or via multi-point interfaces ( MPI ) could cause the affected devices to go into defect mode . Manual reboot is required to resume normal operation , ” according to US Cert . An improper access control vulnerability that is exploitableVulnerability-related.DiscoverVulnerabilityremotely in Siemens IEC 61850 system configurator , DIGSI 5 , DIGSI 4 , SICAM PAS/PQS , SICAM PQ Analyzer , and SICAM SCC , was also mitigatedVulnerability-related.PatchVulnerability. The vulnerability , CVE-2018-4858 , has a CVSS of 4.2 and exists inVulnerability-related.DiscoverVulnerabilitya service of the affected products listening on all of the host ’ s network interfaces on either Port 4884/TCP , Port 5885/TCP , or Port 5886/TCP . The service could allow an attacker to either exfiltrateAttack.Databreachlimited data from the system or execute code with Microsoft Windows user permissions . Also mitigatedVulnerability-related.PatchVulnerabilitywere an improper authentication vulnerability ( CVE-2018-13804 ) in SIMATIC IT Production Suite and a code injection vulnerability ( CVE-2018-13814 ) in SIMATIC Panels and SIMATIC WinCC that could allow an attacker with network access to the web server to perform a HTTP header injection attack .