Tanzania Computer Emergency Response Team

Advisory No: TZCERT/SA/2021/02/04 Date of First Release: 04th February 2021 Source: Sonic Wall Software Affected:  SMA 100 10.x devices (SMA 200, SMA 210, SMA 400, SMA 410, SMA 500v) Overview: This vulnerability is caused by improper SQL command neutralization in SonicWall SSLVPN SMA100 products that could allow unauthenticated, remote attacker exploit for credential …

Google has released security updates to address multiple vulnerabilities in Chrome. The exploitation of these vulnerabilities could allow an attacker to take control of an affected system. Users and Administrators are encouraged to review the Chrome release page and apply necessary updates.

SonicWall has released security updates to address a vulnerability in SonicWall Secure Mobile Access (SMA) 100 series products. The exploitation of this vulnerability could allow an attacker to take control of an affected system. Users and Administrators are encouraged to review SonicWall Advisory and apply necessary updates.

Cisco has released security updates to address vulnerabilities in VPN Routers. The exploitation of these vulnerabilities could allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Cisco Security Advisory and apply necessary updates.

Linux Sudo Package Elevation of Privilege Vulnerability- CVE-2021-3156 Advisory No: TZCERT/SA/2021/02/03 Date of First Release: 03rd February 2021 Source: Sudo Software Affected:  Sudo versions 1.8.2 through 1.8.31p2 & 1.9.0 through 1.9.5p1 Overview: A heap overflow vulnerability exists in sudo, a utility available in Unix operating systems. Successful exploitation of this vulnerability may allow an …