Tuesday 8th November 2022
Week 44 | 31st Oct– 4th Nov 2022
Key Issue: Two high-severity vulnerabilities found in OpenSSL software
Cybercriminals: Researchers identify a spike in cryptocurrency theft operations
Nation-State: Russian threat actors continue targeting countries that support Ukraine
This week we reported on two high-severity vulnerabilities in OpenSSL, a software library for applications that secures communications over computer networks including many HTTPS websites. The vulnerabilities are tracked as CVE-2022-3786 and CVE-2022-3602. CVE-2022-3786, is susceptible to buffer overflow operations that could enable threat actors to create a malicious email address in signed digital certificates used to encrypt communications between end-users and HTTPS-secured websites. This can be exploited in Transport Layer Security (TLS) servers when requests for client authentication are fulfilled by threat actor-controlled clients. CVE-2022-3602 is similarly exploitable in TLS servers via buffer overflow operations and could result in denial of service or remote code execution. While there has been no evidence of current exploitation in the wild, OpenSSL users are advised to upgrade to the latest version, 3.0.7 as soon as possible.
We access that threat actors will likely seek to target vulnerable OpenSSL versions, particularly when remote code execution can be achieved via exploitation of CVE-2022-3602. This would follow the increasing trend of threat actors seeking to routinely target vulnerabilities to provide initial access to their targets.
Get our latest cyber intelligence insights straight into your inbox every week
Fill out the short form below to subscribe to our newsletter so that you never miss out on our cyber intelligence insights and news.