A recently discovered vulnerability in Bitdefender’s GravityZone Update Server has raised significant security concerns.
Identified as CVE-2024-6980, this flaw allows attackers to execute server-side request forgery (SSRF) attacks, potentially compromising sensitive data and systems. With a CVSS score of 9.2, this vulnerability is categorized as critical.
The scoring breakdown indicates that the flaw is accessible remotely (AV:N), requires high attack complexity (AC:H), and does not require authentication (PR:N) or user interaction (UI:N).
The vulnerability’s impact on confidentiality, integrity, and availability is high (VC:H/VI:H/VA:H), emphasizing the urgent need for mitigation.
How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide
The root cause of CVE-2024-6980 is a verbose error handling issue within the GravityZone Update Server’s proxy service.
This flaw allows attackers to manipulate server requests, potentially leading to unauthorized access and data breaches. Security researcher Nicolas Verdier discovered and reported the vulnerability, also known as n1nj4sec.
| Affected Product | Affected Versions | Fixed Version |
| GravityZone Update Server | < 6.38.1-5 | 6.38.1-5 |
Bitdefender has promptly responded to the discovery by releasing an automatic update that fixes the issue.
Users running affected versions of the GravityZone Console are strongly advised to update to version 6.38.1-5 immediately. Ensuring that systems are up-to-date is crucial to prevent potential exploitation.
The discovery of CVE-2024-6980 underscores the importance of regular security updates and vigilant monitoring of critical systems.
Bitdefender’s swift action in addressing the vulnerability is commendable, but users must remain proactive in applying updates to safeguard their environments from similar threats.
Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access
MITRE has unveiled the Offensive Cyber Capability Unified LLM Testing (OCCULT) framework, a groundbreaking methodology…
A significant cybersecurity breach at Genea, one of Australia’s largest in vitro fertilization (IVF) providers,…
A critical set of 20 security vulnerabilities in GRUB2, the widely used bootloader for Linux…
Telecommunications provider Orange Communication faces a potential data breach after a threat actor using the pseudonym “Rey” claimed…
A series of critical security vulnerabilities in the widely-used Rsync file synchronization tool have been…
A critical security vulnerability in the Essential Addons for Elementor plugin, installed on over 2 million WordPress…