In this week's Security Advisory:
SonicWall's SonicOS has a critical issue that could allow attackers to conduct a denial-of-service attack that crashes the firewall. Tracked as CVE-2024-40766 with a CVSS score of 9.3 out of 10, the flaw is remotely exploitable with no privileges or user interaction required. The complexity of the attack required to exploit the flaw is considered "low."
Affected Versions
More Reading/Information
• https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-access-control-flaw-in-sonicos/
The Chinese state-sponsored hacking group Volt Typhoon is responsible for attacks that exploited a zero-day flaw in Versa Director, allowing them to upload a custom webshell to steal credentials and breach corporate networks. Versa Director is a management platform used by ISPs and MSPs to oversee virtual WAN connections established through SD-WAN services. The flaw, tracked as CVE-2024-39717 with a CVSS score of 7.2 out of 10, enabled threat actors with administrator privileges to upload malicious Java files disguised as PNG images, which could then be executed remotely.
Affected Versions
More Reading/Information
• https://www.helpnetsecurity.com/2024/08/27/cve-2024-39717-exploited/
Hitachi has released a security update that addresses an authentication bypass vulnerability in Hitachi Ops Center Common Services. The vulnerability is tracked as CVE-2024-7125 with a CVSS score of 7.8 out of 10.
Affected Versions
More Reading/Information
• https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-143/index.html
Google has released security updates addressing several vulnerabilities in Google Chrome for Desktop, including CVE-2024-7971 and CVE-2024-7965, both with a CVSS score of 8.8.
More Reading/Information
Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and patch software to the latest versions. The vulnerabilities above highlight the security benefits of limiting deployed software to "vendor-supported versions" only, which dramatically increases the likelihood that a patch will be issued for new vulnerabilities. Likewise, Cybersafe strongly encourages maintaining an inventory of the software currently deployed in your environment, which helps inform and support your patch and vulnerability management program.