On Monday, June 8, 2024, the ConnectWise Cyber Research Unit™ (CRU) was made aware of multiple vulnerabilities affecting Progress Software WhatsUp Gold prior to version 2023.1.3 (23.1.3). Exploitation of the #vulnerabilities would allow threat actors to execute arbitrary commands and compromise administrator accounts without prior authentication. The vulnerabilities are being tracked as CVE-2024-4883, CVE-2024-4885, and CVE-2024-5009. Learn more in this newsletter. #WhatsUp #CyberResearch #ConnectWiseCRU #CRU #CVE
-
"CISA issues a warning about an actively exploited security flaw in JetBrains TeamCity On-Premises software. The vulnerability (CVE-2024-27198, CVSS score: 9.8) is an authentication bypass bug, enabling a complete compromise of the server by a remote unauthenticated attacker. JetBrains has released a fix for this issue, along with another moderate-severity flaw (CVE-2024-27199, CVSS score: 7.3) allowing limited information disclosure and system modification." #usa #vulnerability #cve #jetbrains #cybersecurity
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability
thehackernews.com
-
Update your systems
Heads up to people/orgs running ConnectWise ScreenConnect. There is a bad-as-it-gets bug being exploited right now that is basically no-tech hacking to gain remote admin access. Patch now if you haven't already. ConnectWise's advisory on the vulnerabilities and exploitation is here: https://lnkd.in/eJrhWwPQ A working proof of concept for this attack: https://lnkd.in/eD568hiH Huntress does a good job dissecting the ConnectWise advisory and showing the exploit in action. https://lnkd.in/exHktczd https://lnkd.in/e4FshcWb Will Dormann sums up the technical capabilities needed to exploit this flaw: "Apparently the exploit is to add a '/' to the end of the URI. That's it." https://lnkd.in/eY-gJ4-r
ConnectWise ScreenConnect 23.9.8 security fix
connectwise.com
-
[❗Security Bulletin - ownCloud Multiple Vulnerabilities: CVE-2023-49103, CVE-2023-49104, CVE-2023-49105] As these vulnerabilities allow potential attackers to extract administrator credentials and sensitive data from the platform, the Triskele Labs team advises that all organisations using this system should follow the remediation steps. ⤵ https://lnkd.in/gpy-cQx9
CVE-2023-49103, CVE-2023-49104 and CVE-2023-49105: ownCloud Multiple Vulnerabilities
triskelelabs.com
-
Awareness needs to spread fast.
Heads up to people/orgs running ConnectWise ScreenConnect. There is a bad-as-it-gets bug being exploited right now that is basically no-tech hacking to gain remote admin access. Patch now if you haven't already. ConnectWise's advisory on the vulnerabilities and exploitation is here: https://lnkd.in/eJrhWwPQ A working proof of concept for this attack: https://lnkd.in/eD568hiH Huntress does a good job dissecting the ConnectWise advisory and showing the exploit in action. https://lnkd.in/exHktczd https://lnkd.in/e4FshcWb Will Dormann sums up the technical capabilities needed to exploit this flaw: "Apparently the exploit is to add a '/' to the end of the URI. That's it." https://lnkd.in/eY-gJ4-r
ConnectWise ScreenConnect 23.9.8 security fix
connectwise.com
-
CVE-2024-21762 in FortiOS has been making waves in the cyber community with Fortinet addressing the critical vulnerability. 🌊🌊🌊 Everything you need to know about the vulnerability is in our blog >> https://lnkd.in/gwqVmJc9
Urgent alert: Fix CVE-2024-21762 in FortiOS
https://vulcan.io
-
https://lnkd.in/dJKi-5cr Ivanti, whose products have been a big target for attackers recently, has disclosed two more critical vulnerabilities in its technologies — raising more questions about the security of its products in the process. One of the flaws, tracked as CVE-2023-41724 (CVSS vulnerability-severity score of 9.6 out of 10) is a remote code execution vulnerability in Ivanti Standalone Sentry that researchers from NATO Cyber Security Center reported to the company. The second flaw that Ivanti disclosed this week is CVE-2023-46808 (CVSS score of 9.9) in Ivanti Neurons for IT Service Management (ITSM).
Ivanti Keeps Security Teams Scrambling With 2 More Vulns
darkreading.com
-
On June 25, Progress disclosed two vulnerabilities: CVE-2024-5805, a critical severity authentication bypass vulnerability affecting MOVEit Gateway (SFTP module); and CVE-2024-5806, a high-severity authentication bypass vulnerability affecting MOVEit Transfer. Learn more about these vulnerabilities, how threat actors may exploit them, and our recommendations for remediation in our latest security bulletin: https://lnkd.in/gD9urmXu #EndCyberRisk
CVE-2024-5805 & CVE-2024-5806 | Arctic Wolf
arcticwolf.com
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation. As a result, it is crucial for organizations to be aware of these vulnerabilities and take the necessary steps to secure their systems. #vulnerability #exploit #infosec #devsecops
CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products
thehackernews.com
Very interesting!