Thursday, December 5, 2024
HomeCVE/vulnerabilityVersa Director Zero-day Vulnerability Let Attackers Upload Malicious Files

Versa Director Zero-day Vulnerability Let Attackers Upload Malicious Files

Published on

SIEM as a Service

Versa Networks specializes in successful business. It offers Secure Access Service Edge (SASE), consolidating networking and security services in a single, cloud-based platform.

Enterprises and service providers can redesign their networks to achieve new levels of business success with the help of their SD-WAN and SD-LAN product portfolios.

The Security Research Team of Versa recently unveiled a zero-day vulnerability in its virtualization and service creation platform, Versa Director.

- Advertisement - SIEM as a Service

The vulnerability has been tracked as “CVE-2024-39717. ” It’s a privilege escalation flaw with a severity level of “High.”

Technical Analysis

In an unusual move, an Advanced Persistent threat actor has been spotted actively exploiting a high-severity vulnerability (CVE-2024-39717) in Versa Director, a Versa Networks SD-WAN Solution component.

Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN -14-day free trial

All Versa SD-WAN customers who access Versa Director without the benefit of implemented system hardening and firewall guidelines are under severe threat from this vulnerability, as threat actors can compromise their network and its resources by evading entry controls using bypass authentication.

This particular vulnerability is still considered “High” in the Common Vulnerability Scoring System (CVSS) because it is relatively likely to result in remote code execution and lateral movement within the affected networks.

Consequently, the CISA has covered this vulnerability in its list of practicing denial-of-service attacks.

The targeting focuses on less hardened and consequently more vulnerable Versa SD-WAN systems, compromising Features such as Network Segmentation, Traffic Routing, and Security Policies, among others.

Affected organizations are warned to use the available security patches, perform additional hardening as recommended by Versa, and consider using other network segmentation and monitoring systems to prevent and detect exploitation attempts.

Besides, the patched version is 22.1.4, and here below, we have mentioned the affected systems and versions:-

Versa Director:   

  • 21.2.3 
  • 22.1.2 
  • 22.1.3 

Recommendations

Here below we have mentioned all the recommendations:-

  • Apply hardening best practices.
  • Upgrade the Director to one of the remediated versions.
  • Check to see if the vulnerability has already been exploited. 

Protect Your Business with Cynet Managed All-in-One Cybersecurity Platform – Try Free Trial

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL...

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...

Fuji Electric Indonesia Hit by Ransomware Attack

Fuji Electric Indonesia has fallen victim to a ransomware attack, impacting its operations and...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL...

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...