Critical Progress Flowmon Vulnerability Let Attackers Inject Malicious Code

A new critical vulnerability has been discovered in Progress Flowmon, assigned with CVE-2024-2389.

Progress Flowmon is a Cloud Application Performance monitoring solution that can help analyze network and application traffic.

Moreover, it can also be used for several purposes, such as Troubleshooting, network visibility, bandwidth monitoring, attack evidence and analysis, network capacity planning, and many others.

Last year, the progress software’s MOVEit Vulnerability was exploited widely by CL0P Ransomware Group.

Document
Run Free ThreatScan on Your Mailbox

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan with Sophisticated AI-Powered Email Protection .

However, this new vulnerability has been patched and a security advisory has also been released for addressing this vulnerability.

Technical Analysis – CVE-2024-2389

According to the advisory, the existence of this vulnerability has been confirmed in Flowmon versions v11.x and v12.x.

This vulnerability could allow an unauthenticated remote threat actor to gain access to the web interface of flowmon.

Once this access has been gained, the threat actor can then issue a specially crafted API command that will let the attacker execute arbitrary system commands without any authentication.

The severity for this vulnerability has been given a maximum of 10.0 (Critical).

Furthermore, this vulnerability also affects all the platforms of Flowmon versions 11.x and 12.x. Nevertheless, it has been confirmed that versions prior to 11.0 are not affected by this vulnerability.

However, there has been no evidence of threat actors exploiting this vulnerability in the wild.

Progress has immediately acted upon this vulnerability and has released the patched versions of Flowmon 12.3.5 and Flowmon 11.1.4.

In order to upgrade these versions, users can use the automatic package download feature on their Flowmon appliance or download the releases manually.

It is recommended that users of these product versions upgrade to the latest versions to prevent threat actors from exploiting this vulnerability.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide
Eswar

Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

“Bootkitty” – A First Ever UEFI Bootkit Attack Linux Systems

Cybersecurity researchers have uncovered the first-ever UEFI bootkit designed to target Linux systems. This discovery,…

2 hours ago

Matrix, A Single Actor Orchestrate Global DDOS Attack Campaign

Cybersecurity researchers have uncovered a widespread Distributed Denial-of-Service (DDoS) campaign attributed to a threat actor…

2 hours ago

Europol Dismantled Major Illegal IPTV Streaming Network Providers

In a major crackdown on illegal streaming, law enforcement authorities across Europe, supported by Europol…

2 hours ago

Microsoft Patches Multiple Vulnerabilities Allow Attackers to Elevate Privileges

Microsoft has recently released patches addressing multiple vulnerabilities that could enable attackers to elevate privileges…

3 hours ago

Why the MITRE ATT&CK Evaluation Is Essential for Security Leaders

In today’s dynamic threat landscape, security leaders are under constant pressure to make informed choices…

16 hours ago

Lazarus Hackers Exploits macOS Extended Attributes To Evade Detection

The xattr command in Unix-like systems allows for the embedding of hidden metadata within files,…

18 hours ago