In this week's Security Advisory:
This vulnerability affects Cleo's LexiCom, VLTrader, and Harmony products. The vulnerability, CVE-2024-50623, was originally announced in October along with a patch; however, it was recently determined that the patch did not fully resolve the issue. This vulnerability can allow a remote attacker to bypass authentication and access the product. A proof-of-concept has also been released for it.
Affected Versions
More Reading/Information
Ivanti released a patch for CVE-2024-11639 (CVSS 10/10), which allows a remote attacker to bypass authentication in the admin web console and thereby gain administrative privileges with no user interaction. Ivanti also released multiple patches for other vulnerabilities in different appliances.
Affected Versions
More Reading/Information
On Tuesday, Microsoft announced patches for seventy-one (71) vulnerabilities, including sixteen (16) critical remote code execution vulnerabilities. One of the patches is for a privilege escalation vulnerability, CVE-2024-49138 (CVSS 7.8/10), which allows an attacker to gain SYSTEM privileges and is being actively exploited.
Affected Versions
More Reading/Information
SAP has released its December patches, addressing nine new vulnerabilities and updating four previous ones. The most critical is CVE-2024-47578 (CVSS 9.1/10), which allows an attacker with admin privileges to send a crafted request from a vulnerable web application. Successful exploitation would allow them to read or modify any file and potentially make the entire application unavailable.
Affected Versions
More Reading/Information
Atlassian has announced patches to twelve (12) high-severity vulnerabilities affecting the Bamboo Data Center and Server, Bitbucket Data Center and Server, and Confluence Data Center and Server. Atlassian has made no mention of these vulnerabilities being exploited in the wild.
Affected Versions
More Reading/Information
Google announced the release of Chrome 131.0.6778.140 for Windows and Mac and 131.0.6778.139 for Linux. These updates address two new vulnerabilities, both high-severity use-after-free bugs that could lead to remote code execution.
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. There are currently no reports of these vulnerabilities being exploited in the wild.
More Reading/Information
Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefit of limiting deployed software to "vendor-supported versions" only, which dramatically increases the likelihood that a patch will be issued for new vulnerabilities. Likewise, Cybersafe strongly encourages maintaining an inventory of the software currently deployed in your environment, which both informs and helps enforce your patch and vulnerability management program.
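As an added illustration of how a software inventory feeds a patch check (this is example code written for this digest, not anything published by Cybersafe or the vendors above), the script below compares the Chrome build recorded for each host against the fixed builds named in this advisory. The fixed build numbers come from the advisory text; the inventory rows, host names and the `Host` record format are constructed placeholders.

```python
"""Check an inventory of Chrome installs against the first patched builds.

Added example, not part of the original advisory. Fixed builds are taken from
the advisory text; the inventory below is constructed for illustration.
"""
from dataclasses import dataclass

# First build containing the fix, per platform, as stated in the advisory.
CHROME_FIXED = {
    "windows": "131.0.6778.140",
    "mac": "131.0.6778.140",
    "linux": "131.0.6778.139",
}


def parse_version(version: str) -> tuple[int, ...]:
    """Turn '131.0.6778.140' into (131, 0, 6778, 140).

    Numeric tuples compare correctly; plain string comparison does not
    ('131.0.6778.99' sorts after '131.0.6778.140' as text).
    """
    return tuple(int(part) for part in version.strip().split("."))


def is_patched(installed: str, fixed: str) -> bool:
    """True when the installed build is at or above the first fixed build."""
    return parse_version(installed) >= parse_version(fixed)


@dataclass
class Host:
    name: str            # placeholder hostname
    platform: str        # "windows", "mac" or "linux"
    chrome_version: str  # build reported by the inventory tool


# Constructed inventory rows (hypothetical hosts and versions).
INVENTORY = [
    Host("ws-01", "windows", "131.0.6778.140"),
    Host("ws-02", "windows", "131.0.6778.109"),
    Host("mac-01", "mac", "131.0.6778.85"),
    Host("lx-01", "linux", "131.0.6778.139"),
    Host("lx-02", "linux", "130.0.6723.116"),
]


def unpatched_hosts(inventory: list[Host]) -> list[str]:
    """Return names of hosts whose Chrome build predates the fix.

    Hosts on a platform with no known fixed build are flagged too, since an
    unknown state should be reviewed rather than silently passed.
    """
    flagged = []
    for host in inventory:
        fixed = CHROME_FIXED.get(host.platform)
        if fixed is None or not is_patched(host.chrome_version, fixed):
            flagged.append(host.name)
    return flagged


if __name__ == "__main__":
    for name in unpatched_hosts(INVENTORY):
        print(f"needs Chrome update: {name}")
```

The same pattern extends to any product in this digest once the vendor's fixed version is known: record the fixed build per product and platform, normalise both sides into comparable tuples, and treat "unknown platform" as a finding rather than a pass.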