
Chief Weaknesses Found in Microsoft, Adobe, and MOVEit


Cyble Research & Intelligence Labs (CRIL) recently released its weekly vulnerability report for June 19-25, highlighting 23 vulnerabilities across various products from major companies like Microsoft, Adobe, MOVEit, VMware, Fortra, Phoenix Technologies, SolarWinds, and Themify. The report specifically focuses on 10 high-severity and critical vulnerabilities that security teams need to pay close attention to in order to protect their systems from potential threats.

One of the critical vulnerabilities identified is CVE-2024-5276, a SQL Injection flaw in Fortra FileCatalyst Workflow, which could allow attackers to manipulate application data and potentially create administrative users or modify data in the application database. Data exfiltration via SQL injection is not possible, and successful exploitation of this vulnerability requires certain permissions within the Workflow system. Fortunately, a patch is available to address this vulnerability.

Another critical vulnerability, CVE-2024-5806, affects Progress MOVEit Transfer (SFTP module) and could lead to authentication bypass, enabling attackers to access sensitive data on the server and manipulate file transfers. It was noted that exploitation attempts targeting this vulnerability began shortly after it was disclosed by the vendor. A patch is also available to mitigate this risk.

In addition, a high-severity vulnerability, CVE-2024-0762, was discovered in Phoenix SecureCore, impacting UEFI variable handling and potentially allowing for code execution on vulnerable devices. This vulnerability could affect a wide range of devices using Intel CPUs with this firmware. A patch is available to address this issue and protect devices from potential exploitation.

The report also highlights other critical vulnerabilities in products like Adobe Commerce, SolarWinds Serv-U, Microsoft Office, Themify WooCommerce Product Filter plugin, VMware vCenter Server, and Microsoft Outlook, each with its own potential impact and patch availability to address the risks.

Cyble’s scans of customer environments revealed nearly a million exposed assets related to just 7 vulnerabilities, including the VMware vCenter Server vulnerability and a PHP vulnerability that continues to affect a significant number of assets. Additionally, the report mentioned instances of alleged zero-day vulnerabilities being offered for sale on underground forums, indicating a thriving market for exploits and vulnerabilities within the cybercriminal community.

Overall, Cyble’s weekly vulnerability report serves as a valuable resource for security teams looking to stay informed about the latest threats and vulnerabilities affecting popular products and services. By addressing these vulnerabilities promptly with available patches, organizations can better protect their systems and data from potential cyber threats.
