What Happened Over the Week? | CVEs Special

Hello, hello cyber-securiters. This is a special edition for CVEs. You need lots of updates this week.

Here is a catch-up for you. Let's start.

1) CVE-2024-7339: Critical DVR Vulnerability Exposes Over 400,000 Devices to Potential Exploitation

A critical security flaw, identified as CVE-2024-7339, has been discovered in a wide range of popular DVR (Digital Video Recorder) devices, including models from TVT, Provision-ISR, AVISION, and others.

This vulnerability has left 408,035 devices exposed to unauthorized access and potential exploitation.

2) Over 20,000 Ubiquiti Devices Vulnerable to Amplification Attacks and Data Leaks

Recent reports have uncovered alarming vulnerabilities in over 20,000 Ubiquiti devices, including the popular G4 Instant Camera and several other models.

Some devices even displayed warnings such as "HACKED-ROUTER-HELP-SOS-DEFAULT-PASSWORD," indicating prior compromises and underscoring the critical nature of these vulnerabilities.

3) CVE-2024-28573: Stored XSS Vulnerability in Dell PowerProtect

Dell PowerProtect DD, versions prior to

• 8.0,
• LTS 7.13.1.0,
• LTS 7.10.1.30, and
• LTS 7.7.5.40 contain a Stored Cross-Site Scripting Vulnerability.

4) New Security Flaw Found in Rockwell Automation Logix Controllers

A critical security bypass vulnerability, identified as CVE-2024-6242, has been discovered in Rockwell Automation Logix controllers, including the ControlLogix 1756 series, and other models such as GuardLogix.

5) SLUBStick: Critical Security Vulnerability Exploitation in the Linux Kernel

Researchers from Graz University of Technology have discovered a new technique called SLUBStick to exploit vulnerabilities in the Linux kernel. The researchers tested SLUBStick on Linux kernel versions 5.19 and 6.2, finding it effective on both versions.

6) CVE-2024-7120: Critical Security Flaw in RAISECOM Gateways Puts 25,000+ Devices at Risk

Security researchers have discovered a critical vulnerability, known as CVE-2024-7120, affecting RAISECOM Gateway devices. This flaw puts more than 25,000 devices worldwide at risk of remote command execution attacks.

7) Google Releases Patch for Dangerous Security Vulnerabilities in Chrome Browser

Google has released an urgent security update for its widely-used Chrome browser, addressing three vulnerabilities, one of which is classified as “critical.”

CVE-2024-6990: The most severe of these, CVE-2024-6990, is an "uninitialized use" bug in Chrome's Dawn component. This type of vulnerability can lead to unpredictable behavior within the browser, which could be exploited to execute malicious code.

CVE-2024-7255: An "out of bounds read" bug in the WebTransport component, reported by Marten Richter. This vulnerability can cause the browser to crash or become unstable, making it vulnerable to further attacks.

CVE-2024-7256: An "insufficient data validation" bug in the Dawn component, also discovered by "gelatin dessert." This flaw could allow attackers to inject and execute malicious code within the browser.

8) CVE-2024-7208 & CVE-2024-7209: Critical Security Vulnerabilities in SMTP Servers

A recent discovery has revealed vulnerabilities present in multiple hosted outbound SMTP servers. These vulnerabilities allow authenticated attackers to bypass sender authentication mechanisms, enabling them to spoof emails and impersonate trusted senders.

CVE-2024-7208: This vulnerability allows authenticated senders to bypass DMARC (or SPF or DKIM) policies, enabling them to spoof the identity of a shared, hosted domain.

CVE-2024-7209: This vulnerability arises from the use of shared SPF records in multi-tenant hosting environments and enables attackers to abuse network authorization to spoof the email identity of the sender.

9) CVE-2024-6980: Critical Vulnerability in Bitdefender GravityZone Update Server

Bitdefender has identified a critical vulnerability (CVE-2024-6980) in the GravityZone Update Server and has released an urgent patch to address it. This vulnerability can allow attackers to perform server-side request forgery attacks, leading to unauthorized access and data breaches.

10) CVE-2024-37085: VMware ESXi Authentication Bypass Vulnerability

VMware has announced the availability of a patch for the authentication bypass vulnerability tracked as CVE-2024-37085. Broadcom strongly advises organizations to apply this update immediately.

For environments where patching is not immediately feasible, VMware has provided temporary mitigations, including disabling local user accounts and adjusting Active Directory permissions.

11) CISA Alert: GeoServer Users at Critical Risk Due to CVE-2024-36401 Vulnerability

A severe security vulnerability in GeoServer, identified as CVE-2024-36401, is currently being exploited in the wild, endangering thousands of systems with the risk of remote code execution (RCE) attacks. Recent assessments have revealed that 6,284 GeoServer instances exposed to the internet are vulnerable to this critical flaw.

12) CVE-2024-7205: Security Vulnerability Leading to Device Takeover in eWeLink Cloud Service

The popular smart home platform eWeLink has issued a critical security advisory warning its users about a security vulnerability in its cloud service. Identified as CVE-2024-7205, this flaw (CVSS 9.4) allows unauthorized users to take over shared smart home devices.

13) Critical Vulnerabilities in Philips VUE PACS Put Healthcare Sector at Risk

Philips, a leading health technology company, recently disclosed multiple vulnerabilities in its Vue Picture Archiving and Communication System (PACS), a widely used medical imaging solution.

These vulnerabilities, if exploited, could allow attackers to gain unauthorized access to sensitive patient data, disrupt critical medical services, and manipulate diagnostic information.

• CVE-2020-36518: Out of Bounds Write (CVSS 7.1)
• CVE-2020-11113: Deserialization of Untrusted Data (CVSS 8.8)
• CVE-2020-35728: Deserialization of Untrusted Data (CVSS 9.3)
• CVE-2021-20190: Deserialization of Untrusted Data (CVSS 9.3)
• CVE-2020-14061: Deserialization of Untrusted Data (CVSS 9.3)
• CVE-2020-10673: Deserialization of Untrusted Data (CVSS 8.7)
• CVE-2019-12814: Deserialization of Untrusted Data (CVSS 8.7)
• CVE-2017-17485: Deserialization of Untrusted Data (CVSS 9.3)
• CVE-2021-28165: Uncontrolled Resource Consumption (CVSS 8.8)
• CVE-2023-40704: Use of Default Credentials (CVSS 8.4)
• CVE-2023-40539: Weak Password Requirement (CVSS 4.8)
• CVE-2023-40159: Exposure of Sensitive Information to an Unauthorized Actor (CVSS 8.8)

14) Major Vulnerability Threatens Softnext Email Systems: CVE-2024-5670

Taiwan’s Computer Emergency Response Team (CERT) has issued a critical warning regarding a severe vulnerability in Softnext’s Mail SQR Expert and Mail Archiving Expert email management systems. This vulnerability, designated as CVE-2024-5670 with a CVSS score of 9.8, poses a significant risk of remote code execution and potential compromise of sensitive data.

15) Security Alert for MOVEit Transfer Users: CVE-2024-6576

A security alert has been issued regarding a new high-severity vulnerability (CVE-2024-6576) in the MOVEit Transfer managed file transfer solution. This vulnerability, stemming from improper authentication mechanisms, allows attackers to escalate privileges within the system. It affects several versions of MOVEit Transfer released in 2023 and 2024.