Oren Isacson

**Nome do software vulnerável e versões afetadas** Phoenix SecureCore para Intel Kaby Lake, versões 4.0.1.1 a 4.0.1.998 Phoenix SecureCore para Intel Coffee Lake, versões 4.1.0.1 a 4.1.0.562 Phoenix SecureCore para Intel Ice Lake, versões 4.2.0.1 a 4.2.0.323 Phoenix SecureCore para Intel Comet Lake, versões 4.2.1.1 a 4.2.1.287 Phoenix SecureCore para Intel Tiger Lake, versões 4.3.0.1 a 4.3.0.236 Phoenix SecureCore para Intel Jasper Lake, versões 4.3.1.1 a 4.3.1.184 Phoenix SecureCore para Intel Alder Lake, versões 4.4.0.1 a 4.4.0.269 Phoenix SecureCore para Intel Raptor Lake, versões 4.5.0.1 a 4.5.0.218 Phoenix SecureCore para Intel Meteor Lake, versões 4.5.1.1 a 4.5.1.15 **Descrição** O problema está relacionado a uma vulnerabilidade de estouro de buffer no firmware UEFI do Phoenix SecureCore, que pode ser explorada para executar código arbitrário. Essa vulnerabilidade afeta muitos dispositivos com CPUs Intel, incluindo laptops, PCs e servidores de vários fabricantes, como Dell, Acer, HP e Lenovo. A vulnerabilidade pode ser usada para criar malware e permitir que um invasor execute código nos dispositivos afetados, levando potencialmente à escalada de privilégios e à execução de código. Estima-se que centenas de modelos de PCs e servidores possam ser afetados. **Recomendações** Para o Phoenix SecureCore para Intel Kaby Lake, versões 4.0.1.1 a 4.0.1.998, atualize para a versão 4.0.1.998 ou posterior. Para o Phoenix SecureCore para Intel Coffee Lake, versões 4.1.0.1 a

**Name of the Vulnerable Software and Affected Versions** HP OpenView Storage Data Protector versions 6.00 through 6.20 **Description** The issue is related to multiple stack-based buffer overflows in the inet service. This allows remote attackers to execute arbitrary code via a request containing crafted parameters. **Recommendations** For HP OpenView Storage Data Protector versions 6.00 through 6.20, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** IBM Lotus Notes versions prior to 8.5.2 FP3 **Description** The issue is related to a heap-based buffer overflow in the xlssr.dll component of Autonomy KeyView, used in IBM Lotus Notes. This can be exploited by remote attackers through a malformed BIFF record in a .xls Excel spreadsheet attachment, potentially allowing the execution of arbitrary code. **Recommendations** For versions prior to 8.5.2 FP3, update to version 8.5.2 FP3 or later to resolve the issue. As a temporary workaround, consider restricting the handling of .xls attachments in IBM Lotus Notes until the update is applied.

**Name of the Vulnerable Software and Affected Versions** HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51, and 7.53 **Description** The issue is a stack-based buffer overflow in OvCgi/Toolbar.exe, which allows remote attackers to execute arbitrary code via a long OvOSLocale cookie. **Recommendations** For HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51, and 7.53, consider restricting access to the OvOSLocale cookie to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HP OpenView Network Node Manager versions 7.01, 7.51, 7.53 **Description** The issue is related to multiple heap-based buffer overflows in OvCgi/Toolbar.exe. Remote attackers can execute arbitrary code via a long `OvAcceptLang` cookie, which triggers the error in `ov.dll` and `ovwww.dll`, or a long `Accept-Language` HTTP header, which triggers the error in `ovwww.dll` or `libovwww.so.4`. **Recommendations** For HP OpenView Network Node Manager versions 7.01, 7.51, 7.53, at the moment, there is no information about a newer version that contains a fix for this vulnerability.