Friday, November 1, 2024
HomeCVE/vulnerabilityCritical Progress Flowmon Vulnerability Let Attackers Inject Malicious Code

Critical Progress Flowmon Vulnerability Let Attackers Inject Malicious Code

Published on

Malware protection

A new critical vulnerability has been discovered in Progress Flowmon, assigned with CVE-2024-2389.

Progress Flowmon is a Cloud Application Performance monitoring solution that can help analyze network and application traffic.

Moreover, it can also be used for several purposes, such as Troubleshooting, network visibility, bandwidth monitoring, attack evidence and analysis, network capacity planning, and many others.

- Advertisement - SIEM as a Service

Last year, the progress software’s MOVEit Vulnerability was exploited widely by CL0P Ransomware Group.

Document
Run Free ThreatScan on Your Mailbox

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan with Sophisticated AI-Powered Email Protection .

However, this new vulnerability has been patched and a security advisory has also been released for addressing this vulnerability.

Technical Analysis – CVE-2024-2389

According to the advisory, the existence of this vulnerability has been confirmed in Flowmon versions v11.x and v12.x.

This vulnerability could allow an unauthenticated remote threat actor to gain access to the web interface of flowmon.

Once this access has been gained, the threat actor can then issue a specially crafted API command that will let the attacker execute arbitrary system commands without any authentication.

The severity for this vulnerability has been given a maximum of 10.0 (Critical).

Furthermore, this vulnerability also affects all the platforms of Flowmon versions 11.x and 12.x. Nevertheless, it has been confirmed that versions prior to 11.0 are not affected by this vulnerability.

However, there has been no evidence of threat actors exploiting this vulnerability in the wild.

Progress has immediately acted upon this vulnerability and has released the patched versions of Flowmon 12.3.5 and Flowmon 11.1.4.

In order to upgrade these versions, users can use the automatic package download feature on their Flowmon appliance or download the releases manually.

It is recommended that users of these product versions upgrade to the latest versions to prevent threat actors from exploiting this vulnerability.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide
Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...