Andy Davis

**Nome do software vulnerável e versões afetadas** Versões do iOS anteriores à 13.6 Versões do iPadOS anteriores à 13.6 Versões do tvOS anteriores à 13.4.8 **Descrição** Existia uma falha na validação de entrada no Bluetooth, permitindo que um invasor em uma posição privilegiada na rede pudesse, potencialmente, realizar um ataque de negação de serviço usando pacotes Bluetooth malformados. **Recomendações** Para versões do iOS anteriores à 13.6, atualize para o iOS 13.6 ou posterior para resolver o problema. Para versões do iPadOS anteriores à 13.6, atualize para o iPadOS 13.6 ou posterior para resolver o problema. Para versões do tvOS anteriores à 13.4.8, atualize para o tvOS 13.4.8 ou posterior para resolver o problema.

**Nome do software vulnerável e versões afetadas** Versões do macOS anteriores à 10.15.5 **Descrição** Um problema de lógica foi corrigido com restrições aprimoradas. A inserção de um dispositivo USB que envie mensagens inválidas pode causar um kernel panic. **Recomendações** Para versões anteriores à 10.15.5, atualize para o macOS Catalina 10.15.5 para resolver o problema.

**Nome do software vulnerável e versões afetadas** Versões do iOS anteriores à 13.5 Versões do iPadOS anteriores à 13.5 Versões do macOS Catalina anteriores à 10.15.5 **Descrição** Foi corrigido um problema de validação por meio de uma melhor sanitização de entradas, o que poderia permitir que um dispositivo USB causasse uma negação de serviço. **Recomendações** Para versões do iOS anteriores à 13.5, atualize para o iOS 13.5 ou posterior. Para versões do iPadOS anteriores à 13.5, atualize para o iPadOS 13.5 ou posterior. Para versões do macOS Catalina anteriores à 10.15.5, atualize para o macOS Catalina 10.15.5 ou posterior.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 10.2 **Description** The issue is related to insufficient input validation in the Image Capture component of the iOS operating system. This can be exploited by an attacker with local access to execute arbitrary code using a specially crafted USB HID device. **Recommendations** For iOS versions prior to 10.2, update to a version 10.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of USB HID devices to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 7.1 Apple TV versions prior to 6.1 **Description** The issue allows physically proximate attackers to execute arbitrary code or cause a denial of service due to memory corruption via crafted USB messages. **Recommendations** For Apple iOS versions prior to 7.1, update to version 7.1 or later. For Apple TV versions prior to 6.1, update to version 6.1 or later.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 version SP1 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows RT **Description** The issue allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device. An elevation of privilege vulnerability exists when Windows USB drivers improperly handle objects in memory, potentially allowing an attacker to run arbitrary code in kernel mode. This could enable the attacker to install programs, view, change, or delete data, or create new accounts with full administrative rights. **Recommendations** For Microsoft Windows XP versions SP2 through SP3, update to a newer version to mitigate the risk. For Microsoft Windows Server 2003 version SP2, update to a newer version to mitigate the risk. For Microsoft Windows Vista version SP2, update to a newer version to mitigate the risk. For Microsoft Windows Server 2008 versions SP2 through R2 SP1, update to a newer version to mitigate the risk. For Microsoft Windows 7 version SP1, update to a newer version to mitigate the risk. For Microsoft Windows 8, update to a newer version to mitigate the risk. For Microsoft Windows Server 2012, update to a newer version to mitigate the risk. For Microsoft Windows RT, update to a newer version to mitigate the risk. As a temporary workaround, consider disabling the use of USB devices until a patch is available. Restrict access to the USB drivers to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue arises from improper handling of objects in memory by Windows USB drivers, leading to an elevation of privilege. This could allow an attacker to execute arbitrary code in kernel mode, potentially enabling them to install programs, view, change, or delete data, or create new accounts with full administrative rights. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue arises from improper handling of objects in memory by Windows USB drivers, leading to an elevation of privilege. This could allow an attacker to execute arbitrary code in kernel mode, potentially enabling them to install programs, view, change, or delete data, or create new accounts with full administrative rights. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mac OS X versions prior to 10.7.5 **Description** The issue arises from improper handling of the bNbrPorts field of a USB hub descriptor. This allows physically proximate attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and system crash, by attaching a USB device. **Recommendations** For versions prior to 10.7.5, update to version 10.7.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TIBCO SmartPGM FX (affected versions not specified) **Description** The issue concerns multiple stack-based buffer overflows that allow remote attackers to execute arbitrary code or cause a denial of service, resulting in service stop and file-transfer outage. The exact vectors used for the attack are not specified. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetPublish Server version 7 **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files by using "../" sequences in the `template` parameter. **Recommendations** For NetPublish Server version 7, consider restricting access to the `server.np` component until a patch is available. As a temporary workaround, avoid using the `template` parameter with "../" sequences to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** openSUSE samba versions prior to 3.5.15 openSUSE libtdb1 versions (affected versions not specified) openSUSE libtevent0 versions (affected versions not specified) openSUSE libtalloc2 versions (affected versions not specified) openSUSE libldb1 versions (affected versions not specified) openSUSE libsmbclient0 versions (affected versions not specified) openSUSE libwbclient0 versions (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in various packages of the openSUSE operating system, including samba, libtdb1, libtevent0, libtalloc2, libldb1, libsmbclient0, and libwbclient0. These vulnerabilities can be exploited remotely, potentially leading to a violation of confidentiality, integrity, and availability of protected information. The exploitation may cause a denial of service or possibly execute arbitrary code. **Recommendations** For openSUSE samba versions prior to 3.5.15, update to version 3.5.15 or later. For other affected packages, at the moment, there is no information about a newer version that contains a fix for this vulnerability.