
Welcome to TheCyberThrone's cybersecurity week in review, covering the important security happenings of the week. This review is for the week ending Saturday, February 24th, 2024.
Bricks Builder WordPress Plug-in Vulnerability CVE-2024-25600
WordPress Bricks Builder, a popular WordPress site builder, is being actively targeted by hackers due to a critical vulnerability that allows unauthenticated attackers to perform remote code execution. The Bricks plugin was estimated to have about 25,000 active installations when the vulnerability was disclosed.
Because of the vulnerability, tracked as CVE-2024-25600 with a CVSS score of 9.8, “anybody can run arbitrary commands and take over the site/server,” according to WordPress development and security company Snicco, which discovered the bug.
Atlassian Confluence fixes High Severity XSS Flaw – CVE-2024-21678
Atlassian has released a security update addressing CVE-2024-21678 with a CVSS score of 8.5, a high-severity stored cross-site scripting vulnerability impacting multiple Confluence Server and Data Center versions.
This flaw “allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victim's browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction.”
SolarWinds ARM Pre-Auth RCE Bugs CVE-2024-23476 & CVE-2024-23479
Security researchers have uncovered vulnerabilities affecting the popular SolarWinds Access Rights Manager (ARM) software. Of the five disclosed flaws, three carry the potential for unauthenticated remote code execution – meaning attackers could seize control of vulnerable systems without needing any login credentials. SolarWinds urges all ARM users to prioritize patching.
Among the five vulnerabilities, three stand out for their potential to enable remote code execution without authentication. Tracked as CVE-2024-23476, CVE-2024-23477, and CVE-2024-23479, these flaws represent a grave risk to the integrity and security of enterprise systems.
Google fixes several vulnerabilities in Chrome 122
Google has recently released Chrome 122, a significant milestone for the widely used web browser. Chrome version 122 addresses critical vulnerabilities and raises the bar for browser security standards.
It introduces advanced security features designed to prevent attackers from exploiting vulnerabilities in the browser, ensuring a more secure browsing experience for users. Google has acknowledged the researchers who discovered the vulnerabilities, showing its commitment to working closely with the cybersecurity community to enhance Chrome’s security.
VMware Issues an Advisory for Critical Vulnerability CVE-2024-22245
VMware has warned users to uninstall the VMware Enhanced Authentication Plug-in (EAP) due to critical and high severity vulnerabilities. The VMware EAP is a deprecated browser plugin that enables seamless single sign-on (SSO) to vSphere’s management interface from client workstations. It is an optional feature that stopped receiving support with the release of VMware vCenter Server 7.0.0u2 in March 2021.
The vulnerability, tracked as CVE-2024-22245 with a CVSS score of 9.6, could allow a remote attacker to perform an arbitrary authentication relay attack by tricking a user with the plugin installed into visiting a malicious website. The arbitrary authentication relay bug allows attackers to communicate with the VMware EAP using WebSocket commands on a malicious website and request arbitrary Kerberos tickets on behalf of a victim.
This brings this week's security review to an end. Thanks for visiting TheCyberThrone. If you like us, please follow us on Facebook, Twitter and Instagram.