CISA Adds SonicWall SonicOS, ImageMagick, and Linux Kernel Bugs to Its Known Exploited Vulnerabilities Catalog
September 10, 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included SonicWall SonicOS, ImageMagick, and Linux Kernel vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog.
The ImageMagick vulnerability, known as CVE-2016-3714 or 'ImageTragick', could allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image. This flaw could enable attackers to take over websites that use the ImageMagick app for image enhancement. The app is widely used by web servers for resizing or cropping user-uploaded images.
The Linux Kernel vulnerability, identified as CVE-2017-1000253, was discovered by Qualys Research Labs. It affects all Linux distributions that have not updated their kernels after a commit released on April 14, 2015. The vulnerability lies in the way the kernel loads ELF executables and is triggered by applications built as Position Independent Executables (PIEs). An advisory published on RedHat states, 'A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application’s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption.' This flaw could be exploited by an unprivileged local user with access to SUID (or otherwise privileged) PIE binary to escalate their privileges on the system.
The SonicWall SonicOS vulnerability, known as CVE-2024-40766, is an Improper Access Control Vulnerability. SonicWall has warned that a recently fixed access control flaw in SonicOS could potentially be exploited in attacks.
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, federal agencies are required to address these vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog. Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure. CISA has set a deadline of September 30, 2024, for federal agencies to fix these vulnerabilities.
Related News
- Akira Ransomware Group Exploits SonicWall Vulnerability for Remote Code Execution
- SonicWall SSLVPN Vulnerability Exploited in Cyber Attacks: Urgent Call for Patching
- Critical Access Control Vulnerability Detected in SonicWall's SonicOS
Latest News
- Microsoft's September 2024 Patch Tuesday Addresses 79 Security Flaws Including 4 Zero-days
- Akira Ransomware Group Exploits SonicWall Vulnerability for Remote Code Execution
- Chinese APT Group Mustang Panda Exploits Visual Studio Code in Southeast Asian Cyberattacks
- Critical 10/10 Severity RCE Vulnerability Identified in Progress LoadMaster
- SonicWall SSLVPN Vulnerability Exploited in Cyber Attacks: Urgent Call for Patching
Like what you see?
Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.