Critical Vulnerability Found in PostgreSQL PL/Perl: Varonis Issues Warning
November 14, 2024
Varonis, a cybersecurity firm, has identified a serious security flaw in the PostgreSQL PL/Perl procedural language extension. The vulnerability allows an unprivileged database user to set arbitrary environment variables in PostgreSQL backend (session) processes. It carries a CVSS v3 base score of 8.8, which CVSS classifies as High severity. Depending on how it is exploited, it could lead to serious security breaches.
The vulnerability, tracked as CVE-2024-10979, lets an attacker modify sensitive process environment variables such as PATH, which is often enough to achieve arbitrary code execution even though the attacker holds no operating system account on the database server. According to the researchers, the altered environment can also be used, through modified extensions, to run further queries and gather information about the host and its data.
Affected releases are all versions of PostgreSQL before 17.1, 16.5, 15.9, 14.14, 13.17 and 12.21. The researchers recommend upgrading at least to the latest minor release of the major version in use, and also advise restricting which extensions users are allowed to create.
PostgreSQL users are also advised to enable DDL statement logging (log_statement = 'ddl') and review the logs for CREATE FUNCTION statements that are unfamiliar or were not issued by known users; an unexpected function written in plperl or plperlu is a sign that the flaw may have been exploited.
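The two checks above (are we on a fixed minor release, and has anyone created an unexpected PL/Perl function) as an added Python example; this is not code from Varonis or from the PostgreSQL project. It assumes the integer from `SHOW server_version_num` (major*10000 + minor) as input for the version check, a log_line_prefix of `'%m [%p] %u@%d '` with `log_statement = 'ddl'` for the log scan, and the sample log lines are constructed for the example.

```python
"""Added example: post-advisory checks for CVE-2024-10979 (not Varonis or
PostgreSQL code). Assumptions: server_version_num = major*10000 + minor,
log_line_prefix = '%m [%p] %u@%d ' and log_statement = 'ddl'."""
import re

# First minor release of each supported major that contains the fix
# (from the advisory: 17.1, 16.5, 15.9, 14.14, 13.17, 12.21).
FIXED_MINOR = {17: 1, 16: 5, 15: 9, 14: 14, 13: 17, 12: 21}


def is_fixed(server_version_num: int) -> bool:
    """True if this server_version_num already carries the fix.
    Majors older than 12 are out of support and received no fix;
    majors newer than 17 were released after the fix."""
    major, minor = divmod(server_version_num, 10000)
    if major < 12:
        return False
    if major > 17:
        return True
    return minor >= FIXED_MINOR[major]


# One logged DDL statement, e.g.
# 2024-11-14 10:03:12.345 UTC [4242] alice@appdb LOG:  statement: CREATE FUNCTION ...
LOG_RE = re.compile(
    r"^(?P<ts>\S+ \S+ \S+) \[(?P<pid>\d+)\] (?P<user>[^@\s]+)@(?P<db>\S+) "
    r"LOG:\s+statement: (?P<sql>.*)$",
    re.DOTALL,
)
# CREATE [OR REPLACE] FUNCTION ... LANGUAGE plperl | plperlu (quoted or not, any case)
PLPERL_RE = re.compile(
    r"^\s*CREATE\s+(?:OR\s+REPLACE\s+)?FUNCTION\b.*?\bLANGUAGE\s+'?(plperlu?)'?",
    re.IGNORECASE | re.DOTALL,
)
# Perl accesses the process environment through the %ENV hash; a function
# body that touches it deserves a closer look in the context of this CVE.
ENV_RE = re.compile(r"\$ENV\{|%ENV\b")


def join_continuations(lines):
    """Re-assemble multi-line log entries. Assumption: continuation lines of
    one entry are written with a leading tab, as in PostgreSQL's stderr log."""
    entries = []
    for line in lines:
        if line.startswith("\t") and entries:
            entries[-1] += "\n" + line[1:]
        else:
            entries.append(line)
    return entries


def suspicious_plperl_ddl(lines, known_users=frozenset()):
    """Return one dict per CREATE FUNCTION in plperl/plperlu whose author
    is not in known_users, flagging bodies that reference %ENV."""
    hits = []
    for entry in join_continuations(lines):
        m = LOG_RE.match(entry)
        if not m:
            continue
        sql = m.group("sql")
        lang = PLPERL_RE.match(sql)
        if not lang or m.group("user") in known_users:
            continue
        hits.append({
            "user": m.group("user"),
            "db": m.group("db"),
            "language": lang.group(1).lower(),
            "touches_env": bool(ENV_RE.search(sql)),
            "sql": sql,
        })
    return hits


# Constructed sample log lines (not real log data).
SAMPLE_LOG = [
    "2024-11-14 10:03:12.345 UTC [4242] alice@appdb LOG:  statement: CREATE TABLE t (id int)",
    "2024-11-14 10:04:01.001 UTC [4242] alice@appdb LOG:  statement: CREATE FUNCTION set_path() RETURNS void AS $$",
    "\t$ENV{PATH} = '/tmp/constructed';",
    "\t$$ LANGUAGE plperl;",
    "2024-11-14 10:05:30.777 UTC [4301] dba@appdb LOG:  statement: CREATE OR REPLACE FUNCTION f(int) RETURNS int AS 'select $1' LANGUAGE sql",
    "2024-11-14 10:06:00.000 UTC [4302] bob@appdb LOG:  statement: CREATE FUNCTION one() RETURNS int AS 'return 1;' LANGUAGE 'plperlu';",
]

if __name__ == "__main__":
    print("16.4 fixed?", is_fixed(160004), "| 16.5 fixed?", is_fixed(160005))
    for hit in suspicious_plperl_ddl(SAMPLE_LOG, known_users={"dba"}):
        print(hit["user"], hit["db"], hit["language"], "touches %ENV:", hit["touches_env"])
```

Feed `suspicious_plperl_ddl` the lines of the server log and the set of accounts expected to create functions; anything it returns with `touches_env` set is worth investigating first, and any hit on a server for which `is_fixed` returns False should be treated as a possible compromise rather than a curiosity.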