Category Archives: Advisories

Advisories

python3.13-3.13.0~rc1-3.fc42

Read Time:16 Second

FEDORA-2024-ea70424921

Packages in this update:

python3.13-3.13.0~rc1-3.fc42

Update description:

Automatic update for python3.13-3.13.0~rc1-3.fc42.

Changelog

* Fri Aug 23 2024 Charalampos Stratakis <cstratak@redhat.com> – 3.13.0~rc1-3
– Security fix for CVE-2024-8088
– Fixes: rhbz#2307462

Read More

Advisories

Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)

Read Time:1 Minute, 0 Second

What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the “Change Favicon” (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an image file. The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-39717 to its “Known Exploited Vulnerabilities” list.What is the recommended Mitigation?Versa Networks has released a patch to address this vulnerability and has mentioned in their advisory that the vulnerability has already been exploited by an Advanced Persistent Threat actor.What FortiGuard Coverage is available?FortiGuard Labs recommends users to apply the patches released by the vendor to secure their systems and follow their system hardening guidelines.FortiGuard Labs has blocked known malware used in campaign related to the Versa Director Dangerous File Type Upload Vulnerability. Java/CVE_2024_39717.A!exploitThe FortiGuard Incident Response team can be engaged to help with any suspected compromise.FortiGuard Labs is further investigating to provide protections and will update this Threat Signal Report with more information once it becomes available.

Read More