Mike Alfaro

**Name of the Vulnerable Software and Affected Versions** Binalyze IREC.sys versions 3.11.0 and earlier **Description** An issue in Binalyze IREC.sys allows a local attacker to execute arbitrary code and escalate privileges via the fun 1400084d0 function in the IREC.sys driver. **Recommendations** For versions 3.11.0 and earlier, as a temporary workaround, consider disabling the fun 1400084d0 function in the IREC.sys driver until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** InsightCloudSec versions prior to 23.2.1 **Description** An authenticated attacker can leverage an exposed getattr() method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. This issue was resolved in the Managed and SaaS deployments on February 1, 2023. **Recommendations** For versions prior to 23.2.1, update to version 23.2.1 to resolve the issue. As a temporary workaround, consider restricting access to the Jinja template and the getattr() method to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** InsightCloudSec versions prior to 23.2.1 **Description** An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided those files can be parsed as yaml or JSON. This issue was resolved in the Managed and SaaS deployments on February 1, 2023. **Recommendations** For versions prior to 23.2.1, update to version 23.2.1 to resolve the issue. As a temporary workaround, consider restricting access to the exposed “box” object until the update is applied.

**Name of the Vulnerable Software and Affected Versions** InsightCloudSec versions prior to 23.2.1 **Description** An authenticated attacker can leverage an exposed `resource.db()` accessor method to smuggle Python method calls via a Jinja template, which can lead to code execution. This issue was resolved in the Managed and SaaS deployments on February 1, 2023. **Recommendations** For versions prior to 23.2.1, update to version 23.2.1 to resolve the issue. As a temporary workaround, consider restricting access to the `resource.db()` accessor method until a patch is available.

**Nome do software vulnerável e versões afetadas** Biostar RACING GT Evo versão 2.1.1905.1700 **Descrição** Foi descoberta uma vulnerabilidade no BS RCIO64.sys. Um processo de baixa integridade pode abrir o objeto de dispositivo do driver e emitir IOCTLs para ler ou gravar em locais arbitrários da memória física, ou chamar um endereço arbitrário, levando à execução de código arbitrário. Esta vulnerabilidade está associada a códigos IOCTL específicos. **Recomendações** Para o Biostar RACING GT Evo versão 2.1.1905.1700, considere restringir o acesso ao driver BS RCIO64.sys para impedir que processos de baixa integridade abram seu objeto de dispositivo e emitam IOCTLs maliciosos. Como solução temporária, considere desativar o driver até que um patch esteja disponível. No momento, não há informações sobre uma versão mais recente que contenha uma correção para este problema.