CISA Adds SonicWall SonicOS, ImageMagick, and Linux Kernel Bugs to Its Known Exploited Vulnerabilities Catalog

September 10, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included SonicWall SonicOS, ImageMagick, and Linux Kernel vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog.

The ImageMagick vulnerability, known as CVE-2016-3714 or 'ImageTragick', could allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image. This flaw could enable attackers to take over websites that use the ImageMagick app for image enhancement. The app is widely used by web servers for resizing or cropping user-uploaded images.

The Linux Kernel vulnerability, identified as CVE-2017-1000253, was discovered by Qualys Research Labs. It affects all Linux distributions that have not updated their kernels after a commit released on April 14, 2015. The vulnerability lies in the way the kernel loads ELF executables and is triggered by applications built as Position Independent Executables (PIEs). An advisory published by Red Hat states, 'A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application’s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption.' This flaw could be exploited by an unprivileged local user with access to a SUID (or otherwise privileged) PIE binary to escalate their privileges on the system.
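Because the advisory's precondition is a SUID (or otherwise privileged) PIE binary, an inventory of such binaries shows where an unpatched kernel is exposed. The following is an added example, not code from the article, Qualys, or Red Hat; the function names are hypothetical, and treating "ET_DYN plus a PT_INTERP segment" as PIE is a heuristic assumption that only inspects the first 4096 bytes of each file.

```python
import os, stat, struct

ET_DYN, PT_INTERP = 3, 3  # values defined by the ELF specification

def is_pie(data: bytes) -> bool:
    """Heuristic: ELF of type ET_DYN that also carries a PT_INTERP program header."""
    if len(data) < 64 or data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        return False
    end = "<" if data[5] == 1 else ">"            # EI_DATA: 1 = little endian, 2 = big endian
    if struct.unpack_from(end + "H", data, 16)[0] != ET_DYN:
        return False                               # ET_EXEC binaries load at a fixed address
    if data[4] == 2:                               # EI_CLASS 2: ELF64 header layout
        phoff = struct.unpack_from(end + "Q", data, 32)[0]
        phentsize, phnum = struct.unpack_from(end + "HH", data, 54)
    else:                                          # EI_CLASS 1: ELF32 header layout
        phoff = struct.unpack_from(end + "I", data, 28)[0]
        phentsize, phnum = struct.unpack_from(end + "HH", data, 42)
    for i in range(phnum):
        off = phoff + i * phentsize
        if off + 4 > len(data):                    # program header lies past the bytes we read
            break
        if struct.unpack_from(end + "I", data, off)[0] == PT_INTERP:
            return True                            # shared libraries normally lack PT_INTERP
    return False

def privileged_pie_binaries(root: str) -> list:
    """Return sorted paths under root that are set-uid or set-gid regular files and look like PIEs."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode) or not st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                    continue
                with open(path, "rb") as fh:
                    if is_pie(fh.read(4096)):
                        hits.append(path)
            except OSError:                        # unreadable or vanished file: skip it
                continue
    return sorted(hits)

def sample_elf64(e_type: int, interp: bool) -> bytes:
    """Constructed test input: minimal little-endian ELF64 header plus one program header."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    hdr = ident + struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_INTERP if interp else 1, 4, 0, 0, 0, 0, 0, 1)
    return hdr + phdr
```

Calling `privileged_pie_binaries("/usr")` on a host lists the candidates to cross-check against the running kernel's patch status; the list does not by itself indicate whether the kernel is fixed.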

The SonicWall SonicOS vulnerability, known as CVE-2024-40766, is an Improper Access Control Vulnerability. SonicWall has warned that a recently fixed access control flaw in SonicOS could potentially be exploited in attacks.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, federal agencies are required to address these vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog. Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure. CISA has set a deadline of September 30, 2024, for federal agencies to fix these vulnerabilities.
