Cyber Security News

CISA Warns of Aviatrix Controllers OS Command Injection Vulnerability Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a significant OS command injection vulnerability in Aviatrix Controllers, identified as CVE-2024-50603.

This vulnerability poses a serious risk, as it allows unauthenticated attackers to execute arbitrary code on affected systems, potentially leading to severe security breaches.

Vulnerability Details

The vulnerability, classified under the Common Weakness Enumeration (CWE) as CWE-78, can be exploited by sending specially crafted shell metacharacters to specific API endpoints.

Attackers can target the /v1/api interface, particularly through the parameters cloud_type in the list_flightpath_destination_instances call and src_cloud_type in the flightpath_connection_test function.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

This exploitation could allow malicious actors to gain control over the affected system, jeopardizing the security and integrity of the organization’s cloud infrastructure.

While it is currently unclear whether this vulnerability has been actively utilized in ransomware campaigns, the potential for abuse remains high.

The ability for unauthenticated users to execute arbitrary code could result in significant data breaches, disruption of services, and unauthorized access to sensitive information.

Organizations using Aviatrix Controllers are urged to prioritize security measures to mitigate this risk.

CISA advises organizations to take immediate action to protect their systems. The recommendations include:

  1. Apply Mitigations: Follow the vendor’s guidelines for applying necessary patches and mitigations. It is crucial to regularly check for updates related to this vulnerability.
  2. Discontinue Use: If mitigations are unavailable or cannot be implemented effectively, organizations should consider discontinuing the use of Aviatrix Controllers until a secure solution is available.
  3. Monitor Systems: Continuously monitor systems for any suspicious activity or unauthorized access attempts that could indicate exploitation of this vulnerability.

The discovery of CVE-2024-50603 serves as a stark reminder of the vulnerabilities present in cloud management tools.

Organizations must remain vigilant and proactive in their security measures to protect against potential exploitation.

As the deadline for addressing this vulnerability approaches—set for February 6, 2025—CISA emphasizes the need for immediate action to safeguard cloud infrastructures against this critical threat.

For further updates and detailed information, organizations are encouraged to regularly consult CISA’s advisories and follow best practices in cybersecurity to mitigate risks effectively.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Hack The box “Ghost” Challenge Cracked – A Detailed Technical Exploit

Cybersecurity researcher "0xdf" has cracked the "Ghost" challenge on Hack The Box (HTB), a premier…

9 hours ago

Sec-Gemini v1 – Google’s New AI Model for Cybersecurity Threat Intelligence

Google has unveiled Sec-Gemini v1, an AI model designed to redefine cybersecurity operations by empowering…

10 hours ago

U.S. Secures Extradition of Rydox Cybercrime Marketplace Admins from Kosovo in Major International Operation

The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi,…

15 hours ago

Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect…

2 days ago

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how…

2 days ago

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational…

2 days ago