In this week's Security Advisory:
F5 has released patches for nine (9) vulnerabilities as part of its August 2024 quarterly security update for BIG-IP and NGINX Plus. The most severe flaw, tracked as CVE-2024-38909 (CVSS score 8.9 out of 10), is a vulnerability in the BIG-IP Central Manager that can allow an attacker to obtain a user's session cookies and retain access. Another high-severity flaw, tracked as CVE-2024-39778 (CVSS score 8.7 out of 10), allows a remote, unauthenticated attacker to cause a denial of service (DoS) on the BIG-IP system. Customers should update to the latest patch to address all vulnerabilities as soon as possible.
Multiple vulnerabilities in the Microsoft Outlook email client have seen a recent uptick in exploitation in the wild. The recently patched CVE-2024-30103 (CVSS score of 8.8 out of 10), CVE-2024-38173 (CVSS score of 6.7 out of 10), and CVE-2024-38021 (CVSS score of 8.8 out of 10) can lead to an attacker gaining remote code execution. Customers should patch their Microsoft Outlook email client applications as soon as possible.
A critical vulnerability in the GiveWP WordPress plugin, a donation and fundraising platform tool, could be exploited to execute remote code and delete arbitrary files. Tracked as CVE-2024-5932 (CVSS score 10 out of 10), the flaw could be triggered by unauthenticated attackers to execute arbitrary code remotely or delete sensitive data.
Microsoft has disabled a previously released fix for a BitLocker security feature bypass vulnerability because of firmware incompatibility issues that were causing patched Windows devices to enter BitLocker recovery mode. Tracked as CVE-2024-38058 (CVSS score 6.8 out of 10), the vulnerability allows attackers with physical access to the targeted device to bypass the BitLocker Device Encryption feature and access encrypted data. Having disabled the fix, Microsoft recommends that anyone looking to safeguard their systems and data from CVE-2024-38058 attacks implement the mitigation measures outlined in the KB5025885 advisory.
Fortinet has released patches that address several vulnerabilities affecting its FortiOS, FortiProxy, FortiPAM, FortiSwitchManager, FortiManager, and FortiAnalyzer products. If exploited, these vulnerabilities could allow an attacker to gain unauthorized access and escalate privileges. Customers should update to the latest available patch.
Zoom has announced patches for 15 vulnerabilities across its products, including two high-severity issues. The most severe is tracked as CVE-2024-39825 (CVSS score of 8.5 out of 10) and could allow an authenticated attacker to escalate their privileges over the network. CVE-2024-39818 (CVSS score of 7.5 out of 10) affects the Zoom Workplace applications and Meeting SDKs for both desktop and mobile; it could allow authenticated users to access restricted information over the network.
Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefit of limiting deployed software to vendor-supported versions only, which dramatically increases the likelihood that a patch is issued for new vulnerabilities. Likewise, Cybersafe strongly encourages maintaining an inventory of the software currently deployed in your environment, which helps inform and support your patch and vulnerability management program.