Rewterz Threat Advisory – CVE-2022-2884 – GitLab Vulnerability Exploit in the Wild

Severity

High

Analysis Summary

CVE-2022-2884

A vulnerability in GitLab CE/EE affecting all versions starting from 11.3.4 before 15.1.5, all versions starting from 15.2 before 15.2.3, and all versions starting from 15.3 before 15.3.1 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.

Impact

  • Remote Code Execution

Indicators Of Compromise

CVE

  • CVE-2022-2884

Affected Vendors

GitLab

Affected Products

  • GitLab CE/EE from 11.3.4 to before 15.1.5
  • GitLab CE/EE 15.2 prior to 15.2.3
  • GitLab CE/EE 15.3 prior to 15.3.1

Remediation

Refer to GitLab Security Advisory for patch, upgrade or suggested workaround information.

GitLab Security Advisory