A flaw in popular messenger apps WhatsApp and Telegram , which could allow hackers to gain access to hundreds of millions of accounts using the very encryption software designed to keep them out , has been discoveredVulnerability-related.DiscoverVulnerabilityby cyber security firm Check Point . The Israeli multinational said it was concerned about vulnerabilities in the messaging apps , following WikiLeaks ’ ‘ Vault 7 ’ release of more than 8,500 CIA documents . “ One of the most concerning revelations arising from the recent WikiLeaks publication is the possibility that government organizations can compromise WhatsApp , Telegram and other end-to-end encrypted chat applications , ” the company said in a blog post . These online versions mirror all messages sent and received by a user ’ s mobile device , which deploys end-to-end encryption so that only those sending and receiving messages can view the content . Hackers could gain access to a user ’ s account , however , by booby-trapping a digital image with malicious code which would be activated once the image is viewed . The code could then spread like a virus by sending infected messages to a user 's contacts . “ This means that attackers could potentially download your photos and or post them online , send messages on your behalf , demand ransomAttack.Ransom, and even take over your friends ’ accounts , ” they added . Check Point saidVulnerability-related.DiscoverVulnerabilityit alertedVulnerability-related.DiscoverVulnerabilityboth companies to the problem last week and waited for the issues to be resolvedVulnerability-related.PatchVulnerabilitybefore making it public . Both companies have said they ’ ve since patched the problem . “ Thankfully , WhatsApp and Telegram responded quicklyVulnerability-related.DiscoverVulnerabilityand responsibly to deploy the mitigation against exploitation of this issue in all web clients , ” Check Point Head of Product Vulnerability Oded Vanunu said . The company has advised , however , that WhatsApp and Telegram web users should restart their browser to ensure they ’ re using the latest versions of the service
The industrial company on Tuesday releasedVulnerability-related.PatchVulnerabilitymitigations for eight vulnerabilities overall . Siemens AG on Tuesday issuedVulnerability-related.PatchVulnerabilitya slew of fixes addressingVulnerability-related.PatchVulnerabilityeight vulnerabilities spanning its industrial product lines . The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens ’ SCALANCE firewall product . The flaw could allow an attacker to gain unauthorized accessAttack.Databreachto industrial networks and ultimately put operations and production at risk . The SCALANCE S firewall is used to protect secure industrial networks from untrusted network traffic , and allows filtering incoming and outgoing network connections in different ways . Siemens S602 , S612 , S623 , S627-2M SCALANCE devices with software versions prior to V4.0.1.1 are impactedVulnerability-related.DiscoverVulnerability. Researchers with Applied Risk , who discoveredVulnerability-related.DiscoverVulnerabilitythe flaw , saidVulnerability-related.DiscoverVulnerabilitythat vulnerability exists inVulnerability-related.DiscoverVulnerabilitythe web server of the firewall software . An attacker can carry out the attack by craftingAttack.Phishinga malicious link and trickingAttack.Phishingan administrator – who is logged into the web server – to click that link . Once an admin does so , the attacker can execute commands on the web server , on the administrator ’ s behalf . “ The integrated web server allows a cross-site scripting attack if an administrator is misledAttack.Phishinginto accessing a malicious link , ” Applied Risk researcher Nelson Berg said inVulnerability-related.DiscoverVulnerabilityan analysisVulnerability-related.DiscoverVulnerabilityof the flaw . “ Successful exploitation may lead to the ability to bypass critical security measures provided by the firewall. ” Exploitation of this vulnerability could ultimately enable threat actors to bypass critical security functions provided by the firewall , potentially providing access to industrial networks and putting operations and production at risk . The vulnerability , CVE-2018-16555 , has a CVSS score which Applied Risk researcher calculatesVulnerability-related.DiscoverVulnerabilityto be 8.2 ( or high severity ) . That said , researchers saidVulnerability-related.DiscoverVulnerabilitya successful exploit is not completely seamless and takes some time and effort to carry out – for an attacker to exploit the flaw , user interaction is required and the administrator must be logged into the web interface . Researchers saidVulnerability-related.DiscoverVulnerabilitythat no exploit of the vulnerability has been discoveredVulnerability-related.DiscoverVulnerabilitythus far . Siemens addressedVulnerability-related.PatchVulnerabilitythe reported vulnerability by releasingVulnerability-related.PatchVulnerabilitya software update ( V4.0.1.1 ) and also advised customers to “ only access links from trusted sources in the browser you use to access the SCALANCE S administration website. ” The industrial company also releasedVulnerability-related.PatchVulnerabilityan array of fixes for other vulnerabilities on Tuesday . Overall , eight advisories were released by the US CERT . Another serious vulnerability ( CVE-2018-16556 ) addressedVulnerability-related.PatchVulnerabilitywas an improper input validation flaw in certain Siemens S7-400 CPUs . Successful exploitation of these vulnerabilities could crash the device being accessed which may require a manual reboot or firmware re-image to bring the system back to normal operation , according to the advisory . “ Specially crafted packets sent to Port 102/TCP via Ethernet interface , via PROFIBUS , or via multi-point interfaces ( MPI ) could cause the affected devices to go into defect mode . Manual reboot is required to resume normal operation , ” according to US Cert . An improper access control vulnerability that is exploitableVulnerability-related.DiscoverVulnerabilityremotely in Siemens IEC 61850 system configurator , DIGSI 5 , DIGSI 4 , SICAM PAS/PQS , SICAM PQ Analyzer , and SICAM SCC , was also mitigatedVulnerability-related.PatchVulnerability. The vulnerability , CVE-2018-4858 , has a CVSS of 4.2 and exists inVulnerability-related.DiscoverVulnerabilitya service of the affected products listening on all of the host ’ s network interfaces on either Port 4884/TCP , Port 5885/TCP , or Port 5886/TCP . The service could allow an attacker to either exfiltrateAttack.Databreachlimited data from the system or execute code with Microsoft Windows user permissions . Also mitigatedVulnerability-related.PatchVulnerabilitywere an improper authentication vulnerability ( CVE-2018-13804 ) in SIMATIC IT Production Suite and a code injection vulnerability ( CVE-2018-13814 ) in SIMATIC Panels and SIMATIC WinCC that could allow an attacker with network access to the web server to perform a HTTP header injection attack .