A recently discovered vulnerability in Bitdefender’s GravityZone Update Server has raised significant security concerns.
Identified as CVE-2024-6980, this flaw allows attackers to execute server-side request forgery (SSRF) attacks, potentially compromising sensitive data and systems. With a CVSS score of 9.2, this vulnerability is categorized as critical.
The scoring breakdown indicates that the flaw is accessible remotely (AV:N), requires high attack complexity (AC:H), and does not require authentication (PR:N) or user interaction (UI:N).
The vulnerability’s impact on confidentiality, integrity, and availability is high (VC:H/VI:H/VA:H), emphasizing the urgent need for mitigation.
How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide
The root cause of CVE-2024-6980 is a verbose error handling issue within the GravityZone Update Server’s proxy service.
This flaw allows attackers to manipulate server requests, potentially leading to unauthorized access and data breaches. Security researcher Nicolas Verdier discovered and reported the vulnerability, also known as n1nj4sec.
Affected Product | Affected Versions | Fixed Version |
GravityZone Update Server | < 6.38.1-5 | 6.38.1-5 |
Bitdefender has promptly responded to the discovery by releasing an automatic update that fixes the issue.
Users running affected versions of the GravityZone Console are strongly advised to update to version 6.38.1-5 immediately. Ensuring that systems are up-to-date is crucial to prevent potential exploitation.
The discovery of CVE-2024-6980 underscores the importance of regular security updates and vigilant monitoring of critical systems.
Bitdefender’s swift action in addressing the vulnerability is commendable, but users must remain proactive in applying updates to safeguard their environments from similar threats.
Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access
IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system…
The Apache Software Foundation has issued a security alert regarding a critical vulnerability in Apache…
The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage…
A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions…
Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through…
An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the initial…