August 24, 2024 at 03:42AM
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a medium-severity vulnerability, CVE-2024-39717, impacting Versa Director to its Known Exploited Vulnerabilities catalog. Threat actors could upload a malicious file through the “Change Favicon” feature. Agencies are advised to apply vendor-provided fixes by September 13, 2024. CISA also added four older vulnerabilities to the catalog in the same update.
Key takeaways:
– The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), impacting Versa Director, allowing the upload of a malicious file by masquerading it as a harmless PNG image.
– The vulnerability affects the “Change Favicon” feature and can only be exploited by users with specific admin privileges after successful authentication and login.
– Versa Networks is aware of one confirmed instance of targeted exploitation, involving a customer that had not implemented the firewall guidelines Versa published in 2015 and 2017.
– Federal Civilian Executive Branch (FCEB) agencies are required to apply vendor-provided fixes by September 13, 2024, to protect against the flaw.
– CISA also added four security vulnerabilities from 2021 and 2022 to its Known Exploited Vulnerabilities (KEV) catalog, including issues with Dahua IP Cameras, Microsoft Exchange Server, and Linux Kernel.
– Exploitation of CVE-2022-0185 has been attributed to a China-linked threat actor codenamed UNC5174, and active exploitation campaigns targeting unpatched Microsoft Exchange Server instances were observed for CVE-2021-31196.