Hello, welcome to the Wednesday, November 3, 2021 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

We Ching did post an update on Braggtooth. If you're not familiar with Braggtooth, that's a set of vulnerabilities

that was released two months ago that affects a large range of Bluetooth devices.

As typical for these kind of vulnerabilities, multiple chipsets are affected by these vulnerabilities,

and of course, these chipsets then end up in all kinds of different devices and end user brands. So it's sometimes hard to tell whether or not

a particular Bluetooth device is using a particular chipset and whether or not it's vulnerable, making patching pretty

difficult for these type of vulnerabilities, because you also need updated firmware to start

out with.

In this diary that we're being published, we do have a table with all the different chipsets and what the current status is, depending

whether or not vulnerable or whether there is a fix available.

The tool that was used to find these vulnerabilities and the proof of concept exploit has

also been released as of this weekend.

So exploitation of these vulnerabilities may become more real, which of course puts additional

pressure on actually getting these vulnerabilities patched.

For an end user, often you find these patches being included in operating system updates,

so just make sure best you can that the operating system of your devices and such is up to date.

And researchers at Grimm took a closer look at Nagios, the network monitoring tool, and found about a dozen

different vulnerabilities ranging from cross-site scripting all the way up to remote code

execution and even privilege escalation.

The problem with network monitoring servers is that first of all, every

network has one, and then the server itself often does run with elevated privileges or

has even the ability to reach out to other systems on the network using elevated privileges.

...