May 2024 Vulnerability Review

Hey Vulnerability Watchers,

these days there is no way around artificial intelligence language tools such as ChatGPT, Bard or Copilot in a business context. However, as much as AI simplifies IT workflows without a lot of bespoke programming, AI tools, and chatbots in particular, can also become unintended whistleblowers that leak sensitive data and turn your IT environment into a danger zone.

Just imagine your company chatbot reading out user credentials or bank account details to anyone who lends it an ear and asks the right questions! That is what a group of researchers in the USA found in a long-term experiment with ChatGPT4. Between June and September 2023, 34,555 participants took part in an interactive prompt injection challenge, producing a total of 316,637 submissions. Their goal was to manipulate a company chatbot into handing over sensitive information by feeding it targeted, strategic prompts.

The results of this chatbot challenge should make everyone think twice before configuring and integrating their company's "virtual mouthpieces". In all, 88% of the targeted prompt attempts manipulated the GenAI bot into exposing at least one level of sensitive information. And as we all know, an information leak makes the whole IT landscape vulnerable to further damage. So, check your configurations with vigilance: safety first also applies to your chatbots. Otherwise, they might talk too much.

Check out the free and interactive Vulnerability Dashboard for comprehensive insights into newly published vulnerabilities.

Here's a look at last month's vulnerability trends.

---

The overall trend in May pointed upwards: the total number of vulnerabilities rose from 118 in April to 129. The number of affected vendors, by contrast, fell sharply from 25 to 17, and the number of vulnerable products almost halved, from 53 to 28.

May 2024 Vulnerability Trends

Good news first: more than half of the reported vulnerabilities, exactly 71, carry a medium severity score, and 2 are even rated low. However, 56 vulnerabilities still score 7 or higher. So there is still every reason for IT security vigilance at all levels, as cybercriminals are becoming smarter, faster and more practised the more digitalization accelerates. Let's take a closer look at May's vulnerabilities.

Last month, Microsoft clearly led the pack with 12 vulnerable products, with Google, Dell and Cisco following at a distance.

Looking at the products with the most vulnerabilities, the Linux kernel is the clear leader with 60. Although the greater part of these are "only" scored as medium (scores 5 and 6), about one third of them (exactly 21) still carry a high score of 7 or 8. Bear in mind that the kernel project has been a CVE Numbering Authority since early 2024 and now assigns CVEs to a large share of its fixes, which inflates its raw count relative to other products; the figure says more about disclosure practice than about the kernel being unusually buggy. Also consider how widely the Linux kernel is deployed: the more widely a product is used, the larger the blast radius when a severe vulnerability is found in it.

Regarding vulnerability scores, there is only one "10 out of 10" product vulnerability, and it concerns Google Chrome. The other high scorers between 7 and 9 are a mixed bunch, including Cisco, Microsoft, Check Point, Atlassian, Linux, Foxit, Fortinet and a few more.

Here are some of the most critical vulnerabilities that were detected and listed in May:

CVE-2024-5328

Publisher: WordPress

Product: PostX plugin for WordPress

Description: The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postx_presets_callback' function in all versions up to, and including, 4.1.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator.
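To show the bug class behind this entry, here is an added illustration, reconstructed from the description above and not the PostX plugin's own code: a WordPress admin-ajax handler that writes caller-supplied option names and values without a capability check, beside a hardened version. The action, function and option names are hypothetical.

```php
<?php
/**
 * Illustrative WordPress admin-ajax handlers (hypothetical names, not PostX code).
 * Both are reachable by any logged-in user via the wp_ajax_{action} hook; the
 * difference is whether the callback checks that the caller is *authorized*.
 */

// VULNERABLE: the missing capability check. A nonce only proves the request
// was issued from the plugin's own page, not that the user may change site
// options. A Contributor can POST option=users_can_register&value=1 and then
// option=default_role&value=administrator, then register an admin account.
function example_presets_callback_vulnerable() {
    check_ajax_referer( 'example_presets_nonce', 'nonce' );

    $option = sanitize_key( wp_unslash( $_POST['option'] ?? '' ) );
    $value  = sanitize_text_field( wp_unslash( $_POST['value'] ?? '' ) );

    update_option( $option, $value );   // arbitrary option, arbitrary value
    wp_send_json_success();
}
add_action( 'wp_ajax_example_presets_vulnerable', 'example_presets_callback_vulnerable' );

// HARDENED: verify intent (nonce) AND authorization (capability), and only
// touch the handful of plugin-owned options the feature actually needs.
const EXAMPLE_ALLOWED_OPTIONS = array(
    'example_preset_layout'  => array( 'grid', 'list', 'masonry' ),
    'example_preset_columns' => array( '1', '2', '3', '4' ),
);

function example_presets_callback_hardened() {
    check_ajax_referer( 'example_presets_nonce', 'nonce' );

    // manage_options is held by Administrators only; Contributors, Authors
    // and Editors are rejected here (wp_send_json_error ends the request).
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    $option = sanitize_key( wp_unslash( $_POST['option'] ?? '' ) );
    $value  = sanitize_text_field( wp_unslash( $_POST['value'] ?? '' ) );

    // Allowlist both the option name and its value: even an administrator
    // cannot use this endpoint to flip users_can_register or default_role.
    if ( ! isset( EXAMPLE_ALLOWED_OPTIONS[ $option ] )
        || ! in_array( $value, EXAMPLE_ALLOWED_OPTIONS[ $option ], true ) ) {
        wp_send_json_error( array( 'message' => 'Unknown option or value.' ), 400 );
    }

    update_option( $option, $value );
    wp_send_json_success( array( 'option' => $option, 'value' => $value ) );
}
add_action( 'wp_ajax_example_presets_hardened', 'example_presets_callback_hardened' );
```

The practical check for your own installation is the same one that catches this pattern in review: list every `add_action( 'wp_ajax_...' )` registration in `wp-content/plugins` and confirm that each callback calls `current_user_can()` with a capability appropriate to what it changes, not merely `check_ajax_referer()`. A nonce defends against CSRF; it says nothing about whether the logged-in user is allowed to perform the action.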

CVE-2024-5274

Publisher: Google

Product: Google Chrome

Description: Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CVE-2024-5400

Publisher: Openfind

Product: Openfind Mail2000

Description: Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server.

---

Whether these or similar vulnerabilities are critical for your infrastructure depends on how the software or device is configured, what it is connected to, and which security measures are already in place. As always, check these vulnerabilities against your actual infrastructure and configurations.

Automating your vulnerability monitoring and mitigation as part of your IT Visibility strategy can help make your infrastructure and data more secure. Read our whitepaper on how we can help you give your cybersecurity a boost: https://eu1.hubs.ly/H07mrfw0.


