Rewterz

Rewterz Threat Alert – Nanocore Rat – Active IOCs

June 29, 2022
Rewterz

Rewterz Threat Update – Iranian State-Owned Company Halts Production After Cyberattack

June 29, 2022

Rewterz Threat Advisory – Multiple Mozilla Firefox Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-34482 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to drag and drop an image to a filesystem, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system.

CVE-2022-34483 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to drag and drop an image to a filesystem, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system.

CVE-2022-34481 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the nsTArray_Impl::ReplaceElementsAt() function. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system.

CVE-2022-2200 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by setting an undesired attribute as part of prototype pollution. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system.

CVE-2022-34484 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.

CVE-2022-34485 CVSS:8.8
Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.

Impact

  • Code Execution
  • Gain Access

Indicators Of Compromise

CVE

  • CVE-2022-34482
  • CVE-2022-34483
  • CVE-2022-34481
  • CVE-2022-2200
  • CVE-2022-34484
  • CVE-2022-34485

Affected Vendors

  • Mozilla

Affected Products

  • Mozilla Firefox 101
  • Mozilla Firefox ESR 91.10
  • Mozilla Thunderbird 101
  • Mozilla Thunderbird 91.10

Remediation

Refer to Mozilla Foundation Security Advisory for patch, upgrade or suggested workaround information.

Mozilla Firefox 102
Mozilla Firefox ESR 91.11
Mozilla Thunderbird 102 and Thunderbird 91.11

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.