

Ethical Hacking News

CISA Alerts: ScienceLogic SL1 Vulnerability Added to Exploited Catalog Amid Active Zero-Day Attack



CISA has added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog following reports of an active zero-day attack. This vulnerability could lead to remote code execution, and organizations are advised to apply the fixes by November 11, 2024. Additionally, Fortinet has released security updates for FortiManager to remediate a vulnerability reportedly exploited by China-linked threat actors. Stay informed about the latest cybersecurity threats and take proactive measures to strengthen your defenses.

  • CISA has added ScienceLogic SL1 vulnerability CVE-2024-9537 (CVSS v4 score: 9.3) to its KEV catalog due to active exploitation as a zero-day.
  • The issue was addressed in versions 12.1.3, 12.2.3, and 12.3 and later, with fixes also available for versions 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.
  • The exploitation led to unauthorized access to internal performance reporting systems of cloud hosting provider Rackspace.
  • Federal Civilian Executive Branch (FCEB) agencies must apply the fixes by November 11, 2024, to counter possible threats to their networks.
  • Fortinet has released security updates for FortiManager to remediate a vulnerability being exploited by China-linked threat actors.



    CISA (U.S. Cybersecurity and Infrastructure Security Agency) has recently added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), is a bug involving an unspecified third-party component that could lead to remote code execution.

    The issue has since been addressed in versions 12.1.3, 12.2.3, and 12.3 and later. Fixes have also been made available for versions 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.

    The development comes weeks after cloud hosting provider Rackspace acknowledged that it "became aware of an issue with the ScienceLogic EM7 Portal," prompting it to take its dashboard offline towards the end of last month. According to reports, exploitation of this third-party application resulted in access to three internal Rackspace monitoring web servers.

    It is not clear who is behind the attack, although Rackspace has confirmed to BleepingComputer that the zero-day exploitation led to unauthorized access to its internal performance reporting systems and that it has notified all impacted customers. The breach was first reported by The Register.

    Federal Civilian Executive Branch (FCEB) agencies are required to apply the fixes by November 11, 2024, to counter possible threats to their networks. This alert serves as a reminder for organizations to prioritize their security posture and ensure that their systems are up-to-date with the latest patches and updates.
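
    The fix list and the deadline above can be turned into an inventory triage. The following is an added example, not code from CISA, ScienceLogic or the original article; the hostnames, sample versions and status labels are assumptions. Only the 12.x branches can be judged from the version number, because the article gives no patch level for the 10.x and 11.x fixes.

```python
import re
from datetime import date

# Values from the article; everything else here is illustrative.
FCEB_DUE = date(2024, 11, 11)            # FCEB remediation deadline
FIXED_AT = {(12, 1): 3, (12, 2): 3}      # branch -> first fixed patch level
FIXED_FROM = (12, 3)                     # 12.3 and later are fixed
PATCH_BRANCHES = {(10, 1), (10, 2), (11, 1), (11, 2), (11, 3)}

def parse_version(text):
    """Return (major, minor, patch), or None if text is not a dotted version."""
    m = re.fullmatch(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?(?:\.\d+)*\s*", text)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def triage(version_text):
    """Classify one SL1 version string against the fix list for CVE-2024-9537."""
    v = parse_version(version_text)
    if v is None:
        return "unparseable"
    branch, patch = v[:2], v[2]
    if branch >= FIXED_FROM:
        return "fixed"
    if branch in FIXED_AT:
        return "fixed" if patch >= FIXED_AT[branch] else "upgrade"
    if branch in PATCH_BRANCHES:
        # A fix exists for the branch, but the version string cannot prove it is installed.
        return "verify-patch"
    return "no-fix-listed"

def days_left(today):
    """Days remaining until the deadline; negative once it has passed."""
    return (FCEB_DUE - today).days

def report(inventory, today):
    """Return (host, version, status, overdue) for each inventory entry."""
    late = days_left(today) < 0
    return [(h, v, triage(v), late and triage(v) != "fixed") for h, v in inventory]

if __name__ == "__main__":
    # Constructed inventory: hostnames and versions are made up for the example.
    sample = [("sl1-db-01", "12.1.2"), ("sl1-app-02", "12.2.3"),
              ("sl1-col-03", "11.3.2"), ("sl1-old-04", "8.14.0")]
    for row in report(sample, date(2024, 10, 22)):
        print(*row, sep="\t")
```

    Hosts reported as verify-patch need their installed patch confirmed on the appliance itself, and no-fix-listed means the article names no fix for that branch.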

    Furthermore, it has been reported that Fortinet has released security updates for FortiManager to remediate a vulnerability that is reportedly being exploited by China-linked threat actors. The details of this flaw are presently unknown, although Fortinet has sent out confidential customer communications in advance to help them bolster their defenses prior to its release to a broader audience.

    In recent times, CISA has added multiple critical flaws impacting Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb (CVE-2024-23113, CVSS score: 9.8) to its KEV catalog, based on evidence of in-the-wild exploitation. These alerts highlight the importance of keeping software up-to-date and applying security patches as soon as they are available.

    In addition to these recent alerts, The Hacker News has been providing in-depth coverage of various cybersecurity topics, including data breaches, cyber attacks, vulnerabilities, webinars, expert insights, and more. The platform aims to keep its audience informed and equipped for the evolving landscape of cybersecurity.

    The growing threat landscape demands an increased focus on security awareness and proactive measures to prevent attacks. By staying vigilant and taking steps to strengthen their defenses, organizations can significantly reduce their risk exposure and ensure a safer digital environment.

    In conclusion, CISA's recent addition of the ScienceLogic SL1 vulnerability to its KEV catalog serves as a timely reminder for organizations to prioritize their security posture. As the threat landscape continues to evolve, it is essential for organizations to remain proactive in addressing potential vulnerabilities and staying up-to-date with the latest security patches and updates.



    Related Information:

  • https://thehackernews.com/2024/10/cisa-adds-sciencelogic-sl1.html

  • https://nvd.nist.gov/vuln/detail/CVE-2024-9537

  • https://www.cvedetails.com/cve/CVE-2024-9537/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-23113

  • https://www.cvedetails.com/cve/CVE-2024-23113/


  • Published: Tue Oct 22 00:23:49 2024 by llama3.2 3B Q4_K_M













         

