Versa Director Zero-day Vulnerability Let Attackers Upload Malicious Files

Versa Networks specializes in successful business. It offers Secure Access Service Edge (SASE), consolidating networking and security services in a single, cloud-based platform.

Enterprises and service providers can redesign their networks to achieve new levels of business success with the help of their SD-WAN and SD-LAN product portfolios.

The Security Research Team of Versa recently unveiled a zero-day vulnerability in its virtualization and service creation platform, Versa Director.

The vulnerability has been tracked as “CVE-2024-39717. ” It’s a privilege escalation flaw with a severity level of “High.”

Technical Analysis

In an unusual move, an Advanced Persistent threat actor has been spotted actively exploiting a high-severity vulnerability (CVE-2024-39717) in Versa Director, a Versa Networks SD-WAN Solution component.

Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN -14-day free trial

All Versa SD-WAN customers who access Versa Director without the benefit of implemented system hardening and firewall guidelines are under severe threat from this vulnerability, as threat actors can compromise their network and its resources by evading entry controls using bypass authentication.

This particular vulnerability is still considered “High” in the Common Vulnerability Scoring System (CVSS) because it is relatively likely to result in remote code execution and lateral movement within the affected networks.

Consequently, the CISA has covered this vulnerability in its list of practicing denial-of-service attacks.

The targeting focuses on less hardened and consequently more vulnerable Versa SD-WAN systems, compromising Features such as Network Segmentation, Traffic Routing, and Security Policies, among others.

Affected organizations are warned to use the available security patches, perform additional hardening as recommended by Versa, and consider using other network segmentation and monitoring systems to prevent and detect exploitation attempts.

Besides, the patched version is 22.1.4, and here below, we have mentioned the affected systems and versions:-

Versa Director:   

• 21.2.3
• 22.1.2
• 22.1.3

Recommendations

Here below we have mentioned all the recommendations:-

• Apply hardening best practices.
• Upgrade the Director to one of the remediated versions.
• Check to see if the vulnerability has already been exploited.

Protect Your Business with Cynet Managed All-in-One Cybersecurity Platform – Try Free Trial