Category Archives: Advisories

Ivanti Virtual Traffic Manager (vTM ) Authentication Bypass Vulnerability (CVE-2024-7593)

Read Time:54 Second

What is the Vulnerability?Ivanti Virtual Traffic Manager (vTM), a software application used to manage and optimize the delivery of applications across networks is affected by an authentication bypass vulnerability. This flaw (CVE-2024-7593) arises from an incorrect implementation of an authentication algorithm, which can be exploited by a remote unauthenticated attacker to bypass authentication in the admin panel, allowing them to create a new admin user. This potentially grants unauthorized access and control over the affected system.A public Proof of Concept (PoC) is available for this exploit and CISA has added this vulnerability to Known Exploited Vulnerabilities (KEV) Catalog on September 24, 2024.What is the recommended Mitigation?Ivanti released updates for Ivanti Virtual Traffic Manager (vTM) which addresses the vulnerability. Security Advisory: Ivanti Virtual Traffic Manager (vTM ) (CVE-2024-7593)What FortiGuard Coverage is available?FortiGuard recommends users to apply the fix provided by the vendor and follow instructions as mentioned on the vendor’s advisory. FortiGuard team is currently investigating IPS Protection.The FortiGuard Incident Response team can be engaged to help with any suspected compromise.

Read More

USN-7043-1: cups-filters vulnerabilities

Read Time:33 Second

Simone Margaritelli discovered that the cups-filters cups-browsed component
could be used to create arbitrary printers from outside the local network.
In combination with issues in other printing components, a remote attacker
could possibly use this issue to connect to a system, created manipulated
PPD files, and execute arbitrary code when a printer is used. This update
disables support for the legacy CUPS printer discovery protocol.
(CVE-2024-47176)

Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP
data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used. (CVE-2024-47076)

Read More