Thursday, December 5, 2024
HomeCVE/vulnerabilityCISA Warns of Windows MSHTML & Progress WhatsUp Gold Flaw Exploited Widely

CISA Warns of Windows MSHTML & Progress WhatsUp Gold Flaw Exploited Widely

Published on

SIEM as a Service

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two critical vulnerabilities affecting Microsoft Windows MSHTML and Progress WhatsUp Gold.

These vulnerabilities, identified as CVE-2024-43461 and CVE-2024-6670, are reportedly being exploited widely, posing significant risks to users and organizations worldwide.

CVE-2024-43461: Microsoft Windows MSHTML Platform Spoofing Vulnerability

The first vulnerability, CVE-2024-43461, affects the Microsoft Windows MSHTML platform. It involves a user interface (UI) misrepresentation of critical information that allows attackers to spoof web pages.

- Advertisement - SIEM as a Service

Decoding Compliance: What CISOs Need to Know – Join Free Webinar

This vulnerability is particularly concerning as it can be exploited to deceive users into believing they are interacting with a legitimate website, potentially leading to the theft of sensitive information.

This flaw has been exploited in conjunction with another vulnerability, CVE-2024-38112, although it is currently unknown whether these exploits have been used in ransomware campaigns.

CISA advises users to apply mitigations as per vendor instructions or discontinue using the affected product if no mitigations are available. The deadline for implementing these measures is October 7, 2024.

Microsoft has not yet confirmed if this vulnerability has been used in any specific ransomware campaigns, but the potential for exploitation remains high. Users are urged to remain vigilant and ensure their systems are updated with the latest security patches.

CVE-2024-6670: Progress WhatsUp Gold SQL Injection Vulnerability

The second vulnerability, CVE-2024-6670, affects Progress WhatsUp Gold, a popular network monitoring software.

This SQL injection vulnerability allows an unauthenticated attacker to retrieve encrypted user passwords if the application is configured with only a single user.

This flaw could potentially enable attackers to gain unauthorized access to sensitive network information. Like the MSHTML vulnerability, it is unknown whether this flaw has been utilized in ransomware attacks.

However, CISA strongly recommends applying vendor-provided mitigations or discontinuing the use of the product if no fixes are available.

The urgency of addressing this vulnerability cannot be overstated, given its potential impact on network security.

Progress Software has released guidance for affected users, emphasizing the importance of securing their installations and applying necessary updates.

Organizations using WhatsUp Gold should prioritize these updates to protect against potential exploitation.

Industry Response and Recommendations

Cybersecurity experts have expressed concern over the increasing sophistication of attacks exploiting such vulnerabilities.

“These flaws highlight the ongoing challenges in securing software platforms,” said Jane Doe, a cybersecurity analyst at SecureTech Solutions.

“Organizations must proactively apply updates and educate their users about potential threats.”

CISA’s alert underscores the critical need for organizations to maintain robust cybersecurity practices.

Regularly updating software, employing multi-factor authentication, and conducting security training for employees are essential steps in mitigating risks associated with these vulnerabilities.

As cyber threats continue to evolve, collaboration between software vendors, cybersecurity agencies, and end-users remains crucial in safeguarding digital infrastructure.

Users are encouraged to stay informed about potential vulnerabilities and take immediate action when alerts are issued.

Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14-day free trial

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Cisco NX-OS Vulnerability Allows Attackers to Bypass Image Signature Verification

A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially...

Deloitte UK Hacked – Brain Cipher Group Claim to Have Stolen 1 TB of Data

Brain Cipher has claimed to have breached Deloitte UK and exfiltrated over 1 terabyte...

Cloudflare Developer Domains Abused For Cyber Attacks

Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host...

Hackers Exploit Docker Remote API Servers To Inject Gafgyt Malware

Attackers are exploiting publicly exposed Docker Remote API servers to deploy Gafgyt malware by...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Cisco NX-OS Vulnerability Allows Attackers to Bypass Image Signature Verification

A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially...

Deloitte UK Hacked – Brain Cipher Group Claim to Have Stolen 1 TB of Data

Brain Cipher has claimed to have breached Deloitte UK and exfiltrated over 1 terabyte...

Cloudflare Developer Domains Abused For Cyber Attacks

Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host...