Welcome to the monthly Vulnerability Report. In this report, we provide an overview of the most significant security vulnerabilities identified in the past month. Our focus is on vulnerabilities that are being actively exploited, which pose the biggest risk to you. Stay informed about the latest threats and take proactive steps to secure your systems against the latest attacks.
First things first, what is a CVE?
A CVE, short for Common Vulnerabilities and Exposures, is a standardised identifier for a known cybersecurity vulnerability. CVEs give organisations a common method for identifying and cataloguing security vulnerabilities, which helps them prioritise their vulnerability management efforts.
Why are CVEs important?
CVEs are publicly known vulnerabilities. Some of them, like the ones listed below, are currently being exploited. Making sure you have the correct patches installed ensures your systems are safe from these attacks.
Actively Exploited
The following vulnerabilities are being actively exploited.
CVE-2024-11680 (Critical – 9.8)
Details: Improper authentication vulnerability allowing unauthorised attackers to modify application configurations, create accounts, upload webshells, and embed malicious JavaScript.
Affected Software: ProjectSend
Affected Version: Versions prior to r1720
CVE-2024-0012 (Critical – 9.8)
Details: Authentication bypass allowing attackers to gain administrator privileges and tamper with configurations.
Affected Software: Palo Alto Networks PAN-OS
Affected Versions: PAN-OS 10.2, 11.0, 11.1, 11.2; Cloud NGFW and Prisma Access not affected
CVE-2024-49039 (High – 8.8)
Details: Elevation of privilege vulnerability in Windows Task Scheduler.
Affected Software: Microsoft Windows Task Scheduler
Affected Version: Not specified
CVE-2024-44308 (High – 8.8)
Details: Arbitrary code execution vulnerability when processing maliciously crafted web content. May have been actively exploited on Intel-based Mac systems.
Affected Software: Apple Safari, iOS, iPadOS, macOS, visionOS
Affected Versions: Safari 18.1.1, iOS/iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS/iPadOS 18.1.1, visionOS 2.1.1
CVE-2024-43093 (High – 7.8)
Details: Incorrect Unicode normalisation leading to bypass of file path filters and local escalation of privilege.
Affected Software: Android ExternalStorageProvider
CVE-2024-11667 (High – 7.5)
Details: Directory traversal vulnerability that allows attackers to download or upload files via crafted URLs.
Affected Software: Zyxel ATP, USG FLEX, USG FLEX 50(W), and USG20(W)-VPN series firmware
Affected Versions: ATP and USG FLEX (V5.00 through V5.38), USG FLEX 50(W) and USG20(W)-VPN (V5.10 through V5.38)
CVE-2024-21287 (High – 7.5)
Details: Easily exploitable vulnerability allowing unauthorised access to critical data or complete compromise of accessible data.
Affected Software: Oracle Agile PLM Framework
Affected Version: 9.3.6
CVE-2024-9474 (High – 7.2)
Details: Privilege escalation vulnerability allowing administrators to perform actions on firewalls with root privileges.
Affected Software: Palo Alto Networks PAN-OS
Affected Version: Specific PAN-OS configurations; Cloud NGFW and Prisma Access not affected
CVE-2024-43451 (Medium – 6.5)
Details: NTLM hash disclosure vulnerability allowing spoofing attacks.
Affected Software: Microsoft NTLM
CVE-2024-44309 (Medium – 6.3)
Details: Cookie management issue that could lead to cross-site scripting when processing malicious web content. May have been actively exploited on Intel-based Mac systems.
Affected Software: Apple Safari, iOS, iPadOS, macOS, visionOS
Affected Versions: Safari 18.1.1, iOS/iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS/iPadOS 18.1.1, visionOS 2.1.1
What To Do
If you are currently running software listed above, make sure you install the latest version to stay secure.
As a leading cybersecurity company, we are at the forefront of security research, constantly monitoring for emerging threats. With best-in-class security expertise, we are able to help you secure your assets to the highest levels.
Visit rivanorth.com to find out more.
You build the future. We help you secure it.