All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of September 5th, 2022. I’ve also included some comments on these stories.

Critical RCE Vulnerability Affects Zyxel NAS Devices — Firmware Patch Released

Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage (NAS) devices, notes The Hacker News. Tracked as CVE-2022-34747 (CVSS score: 9.8), the issue relates to a “format string vulnerability” affecting NAS326, NAS540, and NAS542 models.

Zyxel NAS devices are subject to a format string vulnerability. An attacker who successfully exploits this flaw could execute code on the device. Exploitation requires sending a specially crafted UDP packet to the affected NAS.
Affected Versions:
NAS326 (V5.21(AAZF.11)C0 and earlier)
NAS540 (V5.21(AATB.8)C0 and earlier), and
NAS542 (V5.21(ABAG.8)C0 and earlier)
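The advisory names the bug class but not the code, so the following is an added, hypothetical C illustration (not Zyxel's firmware) of how a format string vulnerability arises when untrusted packet data is passed as the format argument, alongside a hardened variant and a simple defensive check that counts format directives in untrusted input. The function names, the "udp payload:" prefix and the sample payloads are all constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* BUG CLASS (hypothetical, not vendor code): the packet payload is used
 * directly as the format string, so directives such as %x or %n in the
 * packet are interpreted by the formatter instead of being treated as data. */
static void log_packet_unsafe(const char *payload) {
    char line[256];
    snprintf(line, sizeof line, payload);   /* payload controls the format */
    fputs(line, stderr);
}

/* Hardened variant: the format is a compile-time constant and the payload
 * only ever binds to %s, so any '%' inside it is printed literally.
 * Returns the length snprintf would have written, like snprintf itself. */
int log_packet_safe(char *out, size_t outlen, const char *payload) {
    return snprintf(out, outlen, "udp payload: %s", payload);
}

/* Defensive heuristic: count conversion directives in untrusted input.
 * A "%%" pair is a literal percent sign and is not counted. A non-zero
 * result on data headed for a legacy printf-style sink is worth flagging. */
int count_format_directives(const char *s) {
    int n = 0;
    for (; *s; s++) {
        if (*s == '%') {
            if (s[1] == '%') { s++; continue; }   /* escaped literal */
            n++;
        }
    }
    return n;
}

int main(void) {
    /* Constructed sample payload: benign text with embedded directives. */
    const char *payload = "hello %x %n world";
    char buf[128];

    printf("directives in payload: %d\n", count_format_directives(payload));
    log_packet_safe(buf, sizeof buf, payload);
    printf("%s\n", buf);                /* prints the %x and %n literally */
    log_packet_unsafe("plain text");    /* safe only because no '%' present */
    return 0;
}
```

The safe variant is the fix pattern for this bug class: every printf-family call takes a literal format string, and externally supplied bytes reach it only through a `%s` argument. Compiling with `-Wformat-security` (GCC and Clang) reports the unsafe call above at build time.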


HP fixes severe bug in pre-installed Support Assistant tool

HP issued a security advisory alerting users about a newly discovered vulnerability in HP Support Assistant, a software tool that comes pre-installed on all HP laptops and desktop computers, Bleeping Computer reports.

HP Support Assistant is subject to a privilege escalation vulnerability. This vulnerability exists because HP Support Assistant is vulnerable to a DLL hijacking flaw that is triggered by launching the HP Performance Tune-up app within the Support Assistant application. HP recommends upgrading to the latest version of the software that is present in the Microsoft Store.


A new SharkBot variant bypassed Google Play checks again

Experts spotted an upgraded version of the SharkBot malware that was uploaded to the official Google Play Store. Fox IT researchers spotted an upgraded version of a SharkBot dropper that was uploaded to the …