Mike Alfaro

**Name of the Vulnerable Software and Affected Versions** Binalyze IREC.sys versions 3.11.0 and earlier **Description** An issue in Binalyze IREC.sys allows a local attacker to execute arbitrary code and escalate privileges via the fun 1400084d0 function in the IREC.sys driver. **Recommendations** For versions 3.11.0 and earlier, as a temporary workaround, consider disabling the fun 1400084d0 function in the IREC.sys driver until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** InsightCloudSec versions prior to 23.2.1 **Description** An authenticated attacker can leverage an exposed getattr() method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. This issue was resolved in the Managed and SaaS deployments on February 1, 2023. **Recommendations** For versions prior to 23.2.1, update to version 23.2.1 to resolve the issue. As a temporary workaround, consider restricting access to the Jinja template and the getattr() method to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** InsightCloudSec versions prior to 23.2.1 **Description** An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided those files can be parsed as yaml or JSON. This issue was resolved in the Managed and SaaS deployments on February 1, 2023. **Recommendations** For versions prior to 23.2.1, update to version 23.2.1 to resolve the issue. As a temporary workaround, consider restricting access to the exposed “box” object until the update is applied.

**Name of the Vulnerable Software and Affected Versions** InsightCloudSec versions prior to 23.2.1 **Description** An authenticated attacker can leverage an exposed `resource.db()` accessor method to smuggle Python method calls via a Jinja template, which can lead to code execution. This issue was resolved in the Managed and SaaS deployments on February 1, 2023. **Recommendations** For versions prior to 23.2.1, update to version 23.2.1 to resolve the issue. As a temporary workaround, consider restricting access to the `resource.db()` accessor method until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Biostar RACING GT Evo version 2.1.1905.1700 **Description** An issue was discovered in BS RCIO64.sys. A low-integrity process can open the driver's device object and issue IOCTLs to read or write to arbitrary physical memory locations, or call an arbitrary address, leading to execution of arbitrary code. This issue is associated with specific IOCTL codes. **Recommendations** For Biostar RACING GT Evo version 2.1.1905.1700, consider restricting access to the BS RCIO64.sys driver to prevent low-integrity processes from opening its device object and issuing malicious IOCTLs. As a temporary workaround, consider disabling the driver until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.