Latest Stories

Stay up-to-date with everything at Approach

Blog article

Weekly Digest Week 36 – 2024

Publication date

06.09.2024

Featured Story

Veeam warns of critical RCE flaw in Backup & Replication software

Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One.

The most severe of the problems addressed is CVE-2024-40711, a critical (CVSS v3.1) vulnerability in Backup & Replication (VBR) that can be exploited without authentication.

VBR is used to manage and secure backup infrastructure for enterprises, so it plays a critical role in data protection. As it can serve as a pivot point for lateral movement, it is considered a high-value target for ransomware operators.

SOC Analysis: Earlier this year, a new ransomware group started exploiting a vulnerability in Veeam, despite a patch being available. This highlights once more the importance of timely patching, especially for critical applications such as the backup system.

The vulnerabilities in this article are fixed in the following versions:

  • Veeam Backup & Replication 12.2 (build 12.2.0.334)
  • Veeam Agent for Linux 6.2 (build 6.2.0.101)
  • Veeam ONE v12.2 (build 12.2.0.4093)
  • Veeam Service Provider Console v8.1 (build 8.1.0.21377)
  • Veeam Backup for Nutanix AHV Plug-In v12.6.0.632
  • Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization Plug-In v12.5.0.299

Other Stories

Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution

CVE-2024-45195 (CVSS 7.5) in Apache OFBiz could allow unauthenticated remote code execution. The vulnerability affects all versions before 18.12.16.

SOC Analysis: This flaw can lead to full ERP compromise. Limit network access, apply logging and monitoring, and patch immediately.

Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress

CVE-2024-44000 affects LiteSpeed Cache ≤6.4.1, allowing account takeover by unauthenticated users. Fixed in version 6.5.0.1.

SOC Analysis: Widely-used plugins are high-value targets. Update LiteSpeed Cache to 6.5.0.1 immediately.

WARNING: Progress Patched 3 SQL Injection Vulnerabilities in WhatsUp Gold

Version 2024.0.0 of WhatsUp Gold patches CVE-2024-6670, CVE-2024-6671 (unauthenticated credential theft), and CVE-2024-6672 (privilege escalation).

SOC Analysis: Given WhatsUp Gold’s interconnected nature, exploitation could cascade through networks. Patch to 2024.0.0 without delay.

Want to enhance your organization’s cyber awareness or compliance strategy?
Contact the Approach Cyber SOC team for tailored support and training programs.

OTHER STORIES

Contact us to learn more about our services and solutions

Our team will help you start your journey towards cyber serenity

Do you prefer to send us an email?