Gregory Vishnepolsky

Name of the Vulnerable Software and Affected Versions: Firefox ESR versions prior to 78.9 Firefox versions prior to 87 Thunderbird versions prior to 78.9 Description: A malicious webpage could scan an internal network's hosts and services running on the user's local machine using WebRTC connections. This issue leverages techniques built on the slipstream research. Recommendations: For Firefox ESR versions prior to 78.9, update to version 78.9 or later. For Firefox versions prior to 87, update to version 87 or later. For Thunderbird versions prior to 78.9, update to version 78.9 or later.

Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.2 Security Update versions prior to 2021-001 Catalina Security Update versions prior to 2021-001 Mojave tvOS versions prior to 14.4 watchOS versions prior to 7.3 iOS versions prior to 14.4 iPadOS versions prior to 14.4 Safari versions prior to 14.0.3 Description: A port redirection issue was addressed with additional port validation. A malicious website may be able to access restricted ports on arbitrary servers. Recommendations: For macOS Big Sur, update to version 11.2 or later. For Security Update Catalina, apply Security Update 2021-001 or later. For Security Update Mojave, apply Security Update 2021-001 or later. For tvOS, update to version 14.4 or later. For watchOS, update to version 7.3 or later. For iOS, update to version 14.4 or later. For iPadOS, update to version 14.4 or later. For Safari, update to version 14.0.3 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 85 **Description** The issue is related to information disclosure. It could allow a remote attacker to gain unauthorized access to protected information. Combining certain techniques with a malicious webpage may expose hosts on an internal network and services running on the user's local machine. **Recommendations** For versions prior to 85, update to version 85 or later to resolve the issue. As a temporary workaround, consider avoiding the use of potentially vulnerable features until the update is applied. Restrict access to untrusted webpages to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 84 Thunderbird versions prior to 78.6 Firefox ESR versions prior to 78.6 **Description** A malicious webpage could expose both an internal network's hosts and services running on the user's local machine using techniques built on the slipstream research. **Recommendations** For Firefox versions prior to 84, update to version 84 or later. For Thunderbird versions prior to 78.6, update to version 78.6 or later. For Firefox ESR versions prior to 78.6, update to version 78.6 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions 7 through 9 **Description** The issue is related to a flaw in the implementation of the Low Energy Audio Protocol (LEAP) in Apple iOS, which can lead to a heap overflow with attacker-controlled data when a large audio command is sent to a targeted device. This overflow can be exploited by an attacker to gain full control of the device, leveraging the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control but requires the default "Bluetooth On" value to be present in Settings. **Recommendations** For Apple iOS versions 7 through 9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.4.4 through 8.0 **Description** A remote code execution issue in the Android system's Bluetooth component allows an attacker to compromise the integrity of the device's memory and gain full control over it. The issue is caused by an integer overflow in the Bluetooth Network Encapsulation Protocol (BNEP) service, which is part of the Personal Area Networking (PAN) profile. **Recommendations** For Android versions 4.4.4 through 8.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.