• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
eltima sdk contain multiple vulnerabilities affecting several cloud service provides

Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides

You are here: Home / General Cyber Security News / Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides
December 7, 2021

Cybersecurity scientists have disclosed several vulnerabilities in a third-party driver software program produced by Eltima that have been “unwittingly inherited” by cloud desktop methods like Amazon Workspaces, Accops, and NoMachine and could present attackers a path to complete an array of destructive activities.

“These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite method parts, corrupt the operating process, or carry out destructive functions unimpeded,” SentinelOne researchers claimed in a report shared with The Hacker Information.

The flaws have considering the fact that been resolved in Amazon Nimble Studio AMI, Amazon Awesome DCV, Amazon WorkSpaces, Amazon AppStream, NoMachine, Accops HyWorks, Accops HyWorks DVM Tools, Eltima USB Network Gate, Amzetta zPortal Windows zClient, Amzetta zPortal DVM Instruments, FlexiHub, and Donglify.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Automatic GitHub Backups

At its core, the issues reside in a merchandise produced by Eltima that offers “USB about Ethernet” capabilities, and allows desktop virtualization solutions like Amazon WorkSpaces to redirect related USB equipment such as webcams to their distant desktop.

Particularly, the vulnerabilities can be traced back to two drivers that are liable for USB redirection — “wspvuhub.sys” and “wspusbfilter.sys” — top to a buffer overflow situation that could end result in the execution of arbitrary code with kernel-mode privileges.

BSoD Evidence Of Notion

“An attacker with access to an organization’s network might also gain entry to execute code on unpatched methods and use this vulnerability to get regional elevation of privilege,” the cybersecurity company mentioned. “Attackers can then leverage other tactics to pivot to the broader network, like lateral motion.”

The discovery marks the fourth set of security vulnerabilities influencing software drivers that have been uncovered by SentinelOne given that the get started of the year.

Prevent Data Breaches

Previously this Might, the Mountain See-based corporation disclosed a amount of privilege escalation vulnerabilities in Dell’s firmware update driver named “dbutil_2_3.sys” that went undisclosed for far more than 12 a long time. Then in July, it also made community a high-severity buffer overflow flaw impacting “ssport.sys” and applied in HP, Xerox, and Samsung printers that were being identified to have remained undetected because 2005.

And in September, SentinelOne produced general public a significant-severity flaw in the HP OMEN driver software program “HpPortIox64.sys” that could make it possible for threat actors to elevate privileges to kernel mode without the need of demanding administrator permissions, allowing them to disable security solutions, overwrite procedure components, and even corrupt the operating technique.

Identified this write-up intriguing? Follow THN on Fb, Twitter  and LinkedIn to examine far more exclusive content we write-up.


Some components of this report are sourced from:
thehackernews.com

Previous Post: «Cyber Security News Just 3% of UK Firms Escaped a Supply Chain Breach in 2021
Next Post: SolarWinds Attackers Spotted Using New Tactics, Malware solarwinds attackers spotted using new tactics, malware»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Microsoft Acknowledges Zero-Day, Follina Office Vulnerability, Suggests Fix
  • Magniber Ransomware Now Targets Windows 11 Machines
  • Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise
  • EnemyBot Malware Targets Web Servers, CMS Tools and Android OS
  • ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats
  • Russian Killnet cyber attacks begin on Italian-linked businesses
  • Three BEC Suspects Arrested in “Killer Bee” Sting
  • Zscaler and Siemens team up to provide all-in-one digital transformation solution
  • UK Privacy Tsar: Stop Excessive Data Collection from Rape Victims
  • Turkish Airline Exposes Flight and Crew Info in 6.5TB Leak

Copyright © TheCyberSecurity.News, All Rights Reserved.