In this week's Security Advisory:
A critical vulnerability in SolarWinds' Web Help Desk (WHD), an IT help desk product used for customer support, could be exploited for remote code execution. Tracked as CVE-2024-28986, with a CVSS score of 9.8 out of 10, it could allow an attacker to run commands on a vulnerable host.
Affected Versions
More Reading/Information
The August 13th edition of Microsoft's Patch Tuesday includes security updates for eighty-nine (89) flaws, of which eight (8) are considered critical. The patches also address the following six (6) vulnerabilities that are under active exploitation:
• CVE-2024-38178, CVSS score 7.5 out of 10 - Scripting Engine Memory Corruption Vulnerability
• CVE-2024-38193, CVSS score 7.8 out of 10 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
• CVE-2024-38213, CVSS score 6.5 out of 10 - Windows Mark of the Web Security Feature Bypass Vulnerability
• CVE-2024-38106, CVSS score 7.0 out of 10 - Windows Kernel Elevation of Privilege Vulnerability
• CVE-2024-38107, CVSS score 7.8 out of 10 - Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
• CVE-2024-38189, CVSS score 8.8 out of 10 - Microsoft Project Remote Code Execution Vulnerability
More Reading/Information
• https://www.securityweek.com/microsoft-warns-of-six-windows-zero-days-being-actively-exploited/
• https://www.bleepingcomputer.com/news/microsoft/new-windows-smartscreen-bypass-exploited-as-zero-day-since-march/
• https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2024-patch-tuesday-fixes-9-zero-days-6-exploited/
Microsoft has revealed an unpatched zero-day vulnerability in Office that, if successfully exploited, could lead to the unauthorized disclosure of sensitive information to malicious actors. Tracked as CVE-2024-38200, CVSS score 7.5 out of 10, this vulnerability stems from an information disclosure weakness that allows unauthorized actors to access protected information.
Affected Versions
Microsoft has revealed four medium-severity security flaws in the open-source OpenVPN software that could be combined to achieve remote code execution (RCE) and local privilege escalation (LPE). Identified as CVE-2024-27459 (CVSS score 7.8), CVE-2024-24974 (CVSS score 7.5), and CVE-2024-27903 (CVSS score 9.8), these vulnerabilities affect OpenVPN's openvpnserv component. Another flaw, related to the Windows TAP driver and tracked as CVE-2024-1305, could be exploited to trigger denial-of-service conditions. User authentication is needed to exploit this flaw. It is important to note that these flaws are present on the client side of OpenVPN, not the server side.
Affected Versions
More Reading/Information
• https://www.microsoft.com/en-us/security/blog/2024/08/08/chained-for-attack-openvpn-vulnerabilities-discovered-leading-to-rce-and-lpe/
Several vulnerabilities have been identified in Ivanti products, with the most severe potentially allowing remote code execution. Tracked as CVE-2024-75, with a CVSS score of 9.8 out of 10, this authentication bypass vulnerability could allow unauthenticated attackers to bypass authentication on Internet-exposed vTM admin panels.
The set also includes CVE-2024-7569 (CVSS score: 9.6) and CVE-2024-7570 (CVSS score: 8.3), both of which Ivanti has addressed.
Affected Products:
More Reading/Information
• https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-vtm-auth-bypass-with-public-exploit/
• https://duo.com/decipher/exploit-code-available-for-critical-ivanti-vtm-bug
Adobe has released patches for at least seventy-two (72) security vulnerabilities across multiple products, warning that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks.
Affected Versions:
• https://www.securityweek.com/adobe-calls-attention-to-massive-batch-of-code-execution-flaws/
• https://cybersecuritynews.com/adobe-patches-vulnerabilities/
SAP has released its August 2024 security patch update, addressing seventeen (17) new vulnerabilities, including two (2) critical flaws that could enable attackers to bypass authentication and fully compromise affected systems. The most severe vulnerability, tracked as CVE-2024-41730 with a CVSS score of 9.8 out of 10, affects SAP BusinessObjects Business Intelligence Platform versions 430 and 440. The second critical vulnerability, tracked as CVE-2024-29415 with a CVSS score of 9.1 out of 10, is a server-side request forgery flaw in applications built with SAP Build Apps versions earlier than 4.11.130.
More Reading/Information
• https://www.bleepingcomputer.com/news/security/critical-sap-flaw-allows-remote-attackers-to-bypass-authentication/
• https://www.securityweek.com/sap-patches-critical-vulnerabilities-in-businessobjects-build-apps/
• https://thecyberexpress.com/sap-update-critical-vulnerabilities-hackers/
• https://cybersecuritynews.com/sap-hackers-bypass-authentication/
Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefits of limiting deployed software to "vendor-supported versions" only. This dramatically increases the likelihood that new vulnerabilities have a patch issued for them. Likewise, Cybersafe strongly encourages maintaining an inventory of current software in your environment, which helps ensure and inform your patch and vulnerability management program.