Security
Headlines
HeadlinesLatestCVEs

Headline

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug involving an unspecified third-party component that could

The Hacker News
#vulnerability#web#ios#rce#auth#zero_day#The Hacker News

Vulnerability / Cyber Threat

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day.

The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug involving an unspecified third-party component that could lead to remote code execution.

The issue has since been addressed in versions 12.1.3, 12.2.3, and 12.3 and later. Fixes have also been made available for version 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.

The development comes weeks after cloud hosting provider Rackspace acknowledged that it “became aware of an issue with the ScienceLogic EM7 Portal,” prompting it to take its dashboard offline towards the end of last month.

“We have confirmed that the exploit of this third-party application resulted in access to three internal Rackspace monitoring web servers,” an account named ynezzor said in an X post on September 28, 2024.

It’s not clear who is behind the attack, although Rackspace has confirmed to Bleeping Computer that the zero-day exploitation led to unauthorized access to its internal performance reporting systems and that it has notified all impacted customers. The breach was first reported by The Register.

Federal Civilian Executive Branch (FCEB) agencies are required to apply the fixes by November 11, 2024, to counter possible threats to their networks.

Fortinet Patches Likely Exploited Flaw

The development comes as Fortinet has released security updates for FortiManager to remediate a vulnerability that is reportedly being exploited by China-linked threat actors.

Details about the flaw are presently unknown, although Fortinet, in the past, has sent out confidential customer communications in advance to help them bolster their defenses prior to it being released to a broader audience. The Hacker News has reached out to the company, and we will update the story if we hear back.

“FortiGate have released one of the six new versions of FortiManager which fix the actively exploited zero day in the product… but they’ve not issued a CVE or documented the issue existing in the release notes. Next week maybe?,” security researcher Kevin Beaumont said on Mastodon.

“Fortigate currently having the world’s least secret zero day used by China play out, including in FortiManager Cloud… but everybody is confused.”

Earlier this month, CISA added another critical flaw impacting Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb (CVE-2024-23113, CVSS score: 9.8) to its KEV catalog, based on evidence of in-the-wild exploitation.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Related news

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27)

Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your head spin. But don't worry, we're here to break it all down in plain English and arm you with the

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20)

Hi there! Here’s your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe. Some big companies were hit with attacks, while others fixed their vulnerabilities just in time. It's a constant battle.

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb. "A

CISA and Fortinet Warns of New FortiOS Zero-Day Flaws

By Deeba Ahmed Patch Now or Get Hacked: Researchers Confirm Potentially Active Exploitation of One of the FortiOS Flaws in the Wild. This is a post from HackRead.com Read the original post: CISA and Fortinet Warns of New FortiOS Zero-Day Flaws

The Hacker News: Latest News

AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case