What Happened Over the Week? | CVEs Edition
Hello, hello cyber-securiters. This is a special edition for CVEs. You need lots of updates this week. The cyber-world is shaking.
Here is a catch-up for you. Let's start.
1) Major Remote Code Execution Vulnerability Identified in GNU-Linux Systems' CUPS Service
The inaugural entry in a series of blog posts has been released, highlighting a vulnerability within the Common Unix Printing System (CUPS).
This flaw allegedly enables attackers to achieve remote access to UNIX-based systems. Affecting a range of UNIX-based operating systems, the vulnerability can be exploited by transmitting a specially crafted HTTP request to the CUPS service.
2) Severe Vulnerabilities Found in Jupiter X Core WordPress Plugin
Security researchers have discovered two critical vulnerabilities in the Jupiter X Core WordPress plugin, which is used by over 90,000 websites. These vulnerabilities could allow unauthenticated attackers to gain complete control over websites or hijack user accounts, including those of administrators.
CVEs:
3) Critical Vulnerability in VLC Media Player: Users Urged to Update to Prevent Exploitation
Users of the popular VLC media player are urged to update their software immediately following the discovery of a critical vulnerability that could allow attackers to crash the program or execute arbitrary code.
Vulnerability Overview
4) Critical Vulnerability in HashiCorp Vault Poses Risk of Unrestricted SSH Access
HashiCorp, a leading provider of infrastructure automation software, has issued a critical security advisory about a vulnerability in its widely-used secrets management tool, Vault.
This flaw, designated CVE-2024-7594 and assigned a CVSS score of 7.7, affects both Vault Community Edition and Vault Enterprise versions ranging from 1.7.7 to 1.17.5.
If exploited, the vulnerability could allow attackers to gain unrestricted SSH access to systems, leading to potential data breaches, service disruptions, and unauthorized control over critical infrastructure.
5) Flax Typhoon Botnet Exploits 66 Vulnerabilities, Posing Global Threat to Critical Infrastructure
In a joint advisory issued by various intelligence agencies, a serious warning was released regarding the widespread cyberattack campaign led by the Chinese state-sponsored group Flax Typhoon.
This campaign involves exploiting 66 known vulnerabilities in routers, IoT devices, and web applications to construct a botnet. These compromised devices pose a major threat to critical infrastructure worldwide, targeting sectors like energy, healthcare, and finance.
The vulnerabilities affect products from the following companies:
6) Critical Security Flaw in NVIDIA Container Toolkit Exposes Systems to RCE
NVIDIA has released a security bulletin addressing two critical vulnerabilities that could expose organizations using GPU-accelerated containers to significant cyber threats. These vulnerabilities, CVE-2024-0132 and CVE-2024-0133, affect versions of the NVIDIA Container Toolkit up to version v1.16.1 and pose a serious risk if not patched.
Vulnerabilities:
7) Critical CVSS 9.8 Vulnerabilities in Aruba Access Points
The Hewlett Packard Enterprise (HPE) Product Security Response Team has issued an urgent advisory concerning multiple critical command injection vulnerabilities affecting Aruba Access Points running Instant AOS-8 and AOS-10.
These vulnerabilities, identified as CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507, each carry a CVSS score of 9.8, exposing affected devices to potential remote code execution (RCE) attacks.
8) TeamViewer Urges Immediate Update to Patch Critical Privilege Escalation Flaws
TeamViewer has issued a security bulletin highlighting two critical vulnerabilities affecting its Remote Client and Remote Host products for Windows.
Identified as CVE-2024-7479 and CVE-2024-7481, both vulnerabilities carry a CVSS score of 8.8, representing significant risks to users, especially those operating outdated versions of the software.
9) Critical CVSS 10 Vulnerabilities Discovered in Pure Storage FlashArray and FlashBlade Systems
Pure Storage has issued a critical security advisory outlining several high-severity vulnerabilities affecting its FlashArray and FlashBlade storage systems. Some of these vulnerabilities carry a CVSS score of 10, indicating the highest level of severity.
These flaws could allow malicious actors to execute arbitrary code, gain unauthorized access, and potentially disrupt critical operations.
CVEs:
10) Critical Security Update for pgAdmin: CVE-2024-9014
A critical vulnerability has been discovered in pgAdmin, the leading open-source management tool for PostgreSQL databases.
The flaw, identified as CVE-2024-9014 with a CVSS score of 9.9, affects versions 8.11 and earlier, potentially putting user data at serious risk.
11) Critical SSRF Vulnerability in Zimbra Exploited
CVE-2024-45519 is a Server-Side Request Forgery (SSRF) vulnerability affecting Zimbra Collaboration Suite (ZCS).
This flaw allows unauthorized access to internal services by exploiting the Zimbra Admin interface. Specifically, attackers can manipulate requests to internal services, bypassing normal authentication and authorization mechanisms.
12) CISA Issues Alert on Actively Exploited Ivanti vTM Vulnerability with Public PoC
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an urgent advisory concerning an actively exploited security vulnerability in Ivanti's Virtual Traffic Manager (vTM), a widely used application delivery controller.
Identified as CVE-2024-7593, the vulnerability carries a critical CVSS score of 9.8 and allows remote attackers to bypass authentication on exposed vTM administrative interfaces.
13) CVE-2024-38286: Denial-of-Service Vulnerability Identified in Apache Tomcat
The Apache Software Foundation has issued a security advisory regarding a newly discovered denial-of-service (DoS) vulnerability in Apache Tomcat, identified as CVE-2024-38286.
This vulnerability is rated as Important and affects multiple versions of Apache Tomcat across all platforms.
14) CVE-2024-9043 (CVSS 9.8): Critical Vulnerability in Cellopoint Secure Email Gateway Exposes Sensitive Data
Cellopoint Secure Email Gateway is a widely used solution designed to protect enterprise email infrastructures, including cloud services like Microsoft 365, Exchange Online, Google Workspace, and on-premises platforms such as Microsoft Exchange and Zimbra.
A newly disclosed vulnerability, CVE-2024-9043, in Cellopoint’s Secure Email Gateway (SEG) presents a severe security risk for enterprise email systems.
With a CVSS score of 9.8, this flaw demands immediate attention from administrators using the platform, as it has the potential to compromise sensitive communications.
15) ESET Releases Patches for Privilege Escalation Vulnerabilities in Windows and macOS Products
ESET has announced patches for two local privilege escalation vulnerabilities affecting its security products for both Windows and macOS.
Vulnerability Details:
An attacker with low privileges on an affected system could exploit this flaw to delete arbitrary files and escalate their privileges.
The flaw could allow a low-privileged user to create a symlink to a specific location, disrupting the functionality of ESET’s security tools.