The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day.
The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug involving an unspecified third-party component that could lead to remote code execution.
The issue has since been addressed in versions 12.1.3, 12.2.3, and 12.3 and later. Fixes have also been made available for versions 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.
The development comes weeks after cloud hosting provider Rackspace acknowledged that it “became aware of an issue with the ScienceLogic EM7 Portal,” prompting it to take its dashboard offline towards the end of last month.
“We have confirmed that the exploit of this third-party software resulted in access to three internal Rackspace monitoring web servers,” an account named ynezzor said in an X post on September 28, 2024.
It is not clear who is behind the attack, although Rackspace has confirmed to Bleeping Computer that the zero-day exploitation led to unauthorized access to its internal performance reporting systems and that it has notified all impacted customers. The breach was first reported by The Register.
Federal Civilian Executive Branch (FCEB) agencies are required to apply the fixes by November 11, 2024, to counter potential threats to their networks.
Fortinet Patches Likely Exploited Flaw
The development comes as Fortinet has released security updates for FortiManager to remediate a vulnerability that is reportedly being exploited by China-linked threat actors.
Details about the flaw are currently unknown, although Fortinet has, in the past, sent out confidential customer communications in advance to help them bolster their defenses prior to it being released to a broader audience. The Hacker News has reached out to the company, and we will update the story if we hear back.
“FortiGate have released one of the six new versions of FortiManager which fix the actively exploited zero day in the product… but they’ve not issued a CVE or documented the issue existing in the release notes. Next week maybe?,” security researcher Kevin Beaumont said on Mastodon.
“Fortigate currently having the world’s least secret zero day used by China play out, including in FortiManager Cloud… but everybody is confused.”
Earlier this month, CISA added another critical flaw impacting Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb (CVE-2024-23113, CVSS score: 9.8) to its KEV catalog, based on evidence of in-the-wild exploitation.