December 12th, 2022: CyberHoot has learned of a critical vulnerability in ConnectWise and SonicWall Capture Client (and other EDR products listed below). MSPs are urged to take emergency action to patch their systems ASAP. Evidence has surfaced of exploits in the wild resulting in arbitrary code execution with elevated admin privileges.
“In computer security, a wiper is a class of malware intended to erase (wipe, hence the name) the hard drive of the computer it infects, maliciously deleting data and programs.” Wikipedia
Critical Advisory Alert: Immediate Action Required
The following software solutions were identified and tested by ConnectWise. Additional systems may be at risk. Check your vendor advisory pages to confirm exposures and patch ASAP.
Avast & AVG Antivirus:
ConnectWise Advisory: https://www.connectwise.com/company/trust/advisories
Microsoft Defender Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37971
Avast and AVG Advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-4173
Trend Micro Advisory: https://success.trendmicro.com/dcx/s/solution/000291830?language=en_US
SonicWall Capture Client Advisory: https://www.sonicwall.com/support/knowledge-base/capture-client-differences-between-sonicwall-managed-and-self-managed-versions/181114002946980/
Time-of-Check and Time-of-Use Definition: https://cwe.mitre.org/data/definitions/367.html
SonicWall Aikido Advisory: https://www.sonicwall.com/support/knowledge-base/aikido-exploit-and-its-impact-on-sonicwall-capture-client/221213114338960/
BlackHat SafeBreach Announcement: Aikido Vulnerability https://i.blackhat.com/EU-22/Wednesday-Briefings/EU-22-Yair-Aikido-Turning-EDRs-to-Malicious-Wipers.pdf