
SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software


Aug 15, 2024 | Ravie Lakshmanan | Enterprise Security / Vulnerability


SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances.

The flaw, tracked as CVE-2024-28986 (CVSS score: 9.8), has been described as a deserialization bug.

"SolarWinds Web Help Desk was found to be susceptible to a Java deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine," the company said in an advisory.

"While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing."

The flaw affects all versions of SolarWinds Web Help Desk up to and including 12.8.3. It has been addressed in hotfix version 12.8.3 HF 1.


The disclosure comes as Palo Alto Networks patched a high-severity vulnerability affecting Cortex XSOAR that could result in command injection and code execution.

Assigned the CVE identifier CVE-2024-5914 (CVSS score: 7.0), the shortcoming affects all versions of Cortex XSOAR CommonScripts prior to 1.12.33.

"A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container," the company said.

"To be exposed, an integration must make use of the ScheduleGenericPolling or GenericPollingScheduledTask scripts from the CommonScripts pack."

Also addressed by Palo Alto Networks are two moderate-severity issues listed below –

  • CVE-2024-5915 (CVSS score: 5.2) – A privilege escalation (PE) vulnerability in the GlobalProtect app on Windows devices that allows a local user to execute programs with elevated privileges
  • CVE-2024-5916 (CVSS score: 6.0) – An information exposure vulnerability in PAN-OS software that allows a local system administrator to access secrets, passwords, and tokens of external systems

Users are recommended to update to the latest version to mitigate potential risks. As a precautionary measure, it's also advised to revoke the secrets, passwords, and tokens that are configured in PAN-OS firewalls after the upgrade, since CVE-2024-5916 means a local administrator may already have read them.

Update

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the SolarWinds flaw CVE-2024-28986 to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. Federal agencies are required to apply the fixes by September 5, 2024.
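A practical follow-up to the two SolarWinds passages above (the affected range "up to and including 12.8.3, fixed in 12.8.3 HF 1" and the KEV due date) is a small triage script that decides which Web Help Desk installs are still exposed and how long remains until the CISA deadline. This is an added example written for this page, not SolarWinds or CISA code. It assumes Web Help Desk reports its version as "12.8.3" or "12.8.3 HF 1" (the hotfix must sort after the base release, which is the one detail a naive string comparison gets wrong), and the KEV-style record embedded below is constructed to mirror the public catalog's JSON field names (cveID, dueDate, ...) rather than fetched from CISA. Hostnames in the sample inventory are illustrative.

```python
"""Triage helper for CVE-2024-28986 (SolarWinds Web Help Desk).

Added example, not vendor code. Parses Web Help Desk version strings,
flags installs inside the affected range (everything below 12.8.3 HF 1),
and cross-references a constructed KEV-shaped record for the due date.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from datetime import date

# Constructed, KEV-shaped record for CVE-2024-28986 (field names are an
# assumption modelled on the public catalog JSON, not fetched from CISA).
KEV_SAMPLE = {
    "vulnerabilities": [
        {
            "cveID": "CVE-2024-28986",
            "vendorProject": "SolarWinds",
            "product": "Web Help Desk",
            "dateAdded": "2024-08-15",
            "dueDate": "2024-09-05",
        }
    ]
}

# Per the advisory: all versions up to and including 12.8.3 are affected.
FIXED_IN = "12.8.3 HF 1"

# Accepts "12.8.3" and "12.8.3 HF 1" (case-insensitive, loose whitespace).
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)(?:\s*HF\s*(\d+))?\s*$", re.I)


def parse_version(text: str) -> tuple[int, int, int, int]:
    """Return (major, minor, patch, hotfix); a plain release has hotfix 0.

    Keeping the hotfix as the last tuple element is what makes
    "12.8.3 HF 1" compare greater than "12.8.3".
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised Web Help Desk version: {text!r}")
    major, minor, patch, hf = m.groups()
    return int(major), int(minor), int(patch), int(hf or 0)


def is_affected(installed: str) -> bool:
    """True when the install predates the hotfix that fixes CVE-2024-28986."""
    return parse_version(installed) < parse_version(FIXED_IN)


def kev_due_date(cve_id: str, catalog: dict) -> date | None:
    """Return the KEV remediation due date for cve_id, or None if not listed."""
    for entry in catalog.get("vulnerabilities", []):
        if entry.get("cveID", "").upper() == cve_id.upper():
            return date.fromisoformat(entry["dueDate"])
    return None


@dataclass(frozen=True)
class Finding:
    host: str
    version: str
    affected: bool
    days_left: int | None  # None when patched or when the CVE is not in KEV


def triage(inventory: dict[str, str], today: str | date,
           catalog: dict = KEV_SAMPLE) -> list[Finding]:
    """Flag affected hosts and compute days remaining to the KEV due date."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    due = kev_due_date("CVE-2024-28986", catalog)
    findings = []
    for host, version in sorted(inventory.items()):
        affected = is_affected(version)
        days_left = (due - today).days if (affected and due) else None
        findings.append(Finding(host, version, affected, days_left))
    return findings


if __name__ == "__main__":
    # Constructed inventory; hostnames and versions are illustrative.
    sample_inventory = {
        "whd-prod-01": "12.8.3",
        "whd-prod-02": "12.8.3 HF 1",
        "whd-legacy": "12.7.0",
    }
    for f in triage(sample_inventory, today="2024-08-20"):
        status = "AFFECTED" if f.affected else "patched"
        print(f"{f.host:12} {f.version:12} {status:9} days_left={f.days_left}")
```

The regex deliberately rejects anything it does not recognise rather than guessing, so an unexpected version format surfaces as an error in the inventory run instead of silently being marked patched.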
