www.coresecurity.com
Open in
urlscan Pro
2606:4700::6812:bcc
Public Scan
Submitted URL: https://t.co/UnRPVXOqD2
Effective URL: https://www.coresecurity.com/blog/core-impact-monthly-chronicle-exploits-and-updates-july-2024
Submission: On December 20 via api from IN — Scanned from DE
Effective URL: https://www.coresecurity.com/blog/core-impact-monthly-chronicle-exploits-and-updates-july-2024
Submission: On December 20 via api from IN — Scanned from DE
Form analysis
0 forms found in the DOMText Content
Cookie-Präferenzen Skip to main content * Fortra.com * Contact Us * Support * All Fortra Products * FREE TRIALS * Fortra.com * Contact Us * Support * All Fortra Products * FREE TRIALS * Cyber Threat Toggle Dropdown PRODUCTS * Core Impact Penetration testing software * Cobalt Strike Red team software * Outflank Security Tooling (OST) Evasive attack simulation * Event Manager Security information and event management * Powertech Antivirus Server-level virus protection * Product Bundles Layered security solutions SOLUTIONS * Penetration Testing * Penetration Testing Services * Offensive Security * Threat Detection * Security Information and Event Management * Penetration Testing Services Security consulting services * Identity Toggle Dropdown PRODUCTS * Access Assurance Suite User provisioning and governance * Core Password & Secure Reset Self-service password management * Core Privileged Access Manager (BoKS) Privileged access management (PAM) SOLUTIONS * Privileged Access Management * Identity Governance & Administration * Password Management * See How to Simplify Access in Your Organization | Request a Demo * Industries Toggle Dropdown * Healthcare * Financial Services * Federal Government * Retail * Utilities & Energy * Higher Education * Compliance * Resources Toggle Dropdown * Upcoming Webinars & Events * Blogs * Case Studies * Videos * Datasheets * Guides * Training * Compliance * All Resources * CoreLabs Toggle Dropdown * Advisories * Exploits * Articles * Impacket * About Toggle Dropdown * Partners * Careers * Newsroom * Contact Us 1. Home 2. Blog 3. Core Impact Monthly Chronicle: Exploits and Updates | July 2024 CORE IMPACT MONTHLY CHRONICLE: EXPLOITS AND UPDATES | JULY 2024 CORE IMPACT EXPLOIT LIBRARY ADDITIONS One of Core Impact’s most valuable features is its certified exploit library. Fortra’s Core Security has a team of expert exploit writers that conduct research, evaluating and prioritizing the most relevant vulnerabilities in order to update the library with critical and useful exploits. Additionally, the QA team creates its own clean environment to validate each exploit before its release to ensure our standards and validate that it is safe and ready to use. While you can keep track of new releases through our exploit mailing list, here is a more detailed summary of some of the most recent additions to the library. CVE-2024-28995 - SOLARWINDS SERV-U FTP SERVER PATH TRAVERSAL VULNERABILITY EXPLOIT Authors: Esteban Kazimirow and Luis García Sierra (QA) CVSS: 7.5 HIGH Reference: CVE-2024-28995 A vulnerability was found in Serv-U, a managed file transfer and file transfer protocol solution from SolarWinds. If exploited, an unauthenticated, remote attacker could potentially access sensitive information from files stored on an organization’s server. This vulnerability is actively being exploited in the wild, especially in smash-and-grab attacks, in which malicious actors extort victims using data that was swiftly extracted from vulnerable file transfer solutions. Users are urged to upgrade to version Serv-U 15.4.2.157 as soon as possible. With this exploit, a pen tester could imitate a threat actor to exploit the directory traversal, download a file, and save it locally to a specified location. CVE-2024-1800 & CVE-2024-4358 - PROGRESS TELERIK REPORT SERVER VULNERABILITIES EXPLOIT Authors: Marcos Accossatto and Daniel De Luca (QA) CVSS: 9.9 CRITICAL, 9.8 CRITICAL Reference: CVE-2024-1800, CVE-2024-4358 Two vulnerabilities were discovered in the reporting platform, Progress Telerik Report Server. CVE-2024-1800 is an insecure deserialization vulnerability. If exploited, an attacker could remotely run malicious code on a target server. CVE-2024-4358 is an authentication bypass vulnerability. If exploited, an unauthenticated attacker could bypass verification systems, enabling them to potentially view, modify, or delete reports and configurations without needing valid credentials. Due to the severity of these vulnerabilities, users are urged to update to Report Server 2024 Q2 (10.1.24.514) in order to avoid the creation of rogue administrative accounts. This exploit chains these two vulnerabilities together, enabling a pen tester to deploy an agent that will run with root user privileges, allowing him to make unauthorized changes, extract data, or compromise the system. CVE-2023-36802 – MICROSOFT STREAMING SERVICE ELEVATION OF PRIVILEGE VULNERABILITY EXPLOIT—UPDATE Authors: Cristian Rubio and Luis García Sierra (QA) CVSS: 7.8 HIGH Reference: CVE-2023-36802 A vulnerability was found in the Windows Streaming service, which runs as SYSTEM, and can be exploited to allow local users to gain elevated privileges on the Windows operating system. This vulnerability has multiple instances of being exploited in the wild. This exploit takes advantage of this recent Microsoft vulnerability in the streaming service within Windows Kernel. It can be used to simulate an attacker that uses this vulnerability to escalate their privileges, gaining access to sensitive data or pivoting to eventually achieve full system control. Originally released in November 2023, this exploit has been updated to add reliability improvements when checking if the target is vulnerable CVE-2024-5276 - FILECATALYST WORKFLOW JOBID SQL INJECTION VULNERABILITY EXPLOIT Authors: Fernando Páez Barceló and Daniel De Luca (QA) CVSS: 9.8 CRITICAL Reference: CVE-2024-5276 A critical vulnerability was discovered in FileCatalyst, an accelerated file transfer software solution from Fortra. If exploited, an attacker could access sensitive data, disrupt services, or gain full control over a target system. Due to the severity of the vulnerability, users are urged to update to version 5.1.6 build 139 to ensure an attacker cannot modify application data. With this exploit, pen testers can assess if an organization’s system is vulnerable by using this module to create an administrative user (without authentication) and proceed through validation mechanisms using this newly created user. CVE-2021-26855 & CVE-2021-27065 - MICROSOFT EXCHANGE PROXYLOGON REMOTE CODE EXECUTION VULNERABILITY EXPLOIT—UPDATE Authors: Marcos Accossatto and Daniel De Luca (QA) CVSS: 9.8 CRITICAL, 7.8 HIGH Reference: CVE-2021-26855 CVE-2021-27065 These vulnerabilities are part of the ProxyLogon exploit chain, which impacted thousands of customers globally when initially discovered due to its ease of use and ability to provide an attacker with persistent system access. Though updates mitigating these flaws have been available since 2021, unpatched systems may still be vulnerable, especially in environments where patch management is challenging or neglected. This exploit uses the chain of CVE-2021-26855 with CVE-2021-27065. This combination of a server-side request forgery vulnerability and an arbitrary file write vulnerability enables a pen tester to execute commands with SYSTEM privileges in the Microsoft Exchange Server. Originally released in March 2021, this exploit has been updated to add several parameters for module flexibility and more log verbosity on errors, as well as fix a bug when using autodiscover to retrieve email SID. CVE-2024-29824 - IVANTI CORE SERVER EPM REMOTE CODE EXECUTION EXPLOIT Authors: Esteban Kazimirow and Daniel De Luca (QA) CVSS: 9.6 CRITICAL Reference: CVE-2024-29824 An SQL injection vulnerability was found in Ivanti Endpoint Manager. If exploited, an attacker could execute arbitrary commands on the Ivanti EPM core server, enabling them to access, modify, and extract sensitive data. Due to the severity of the vulnerability, users are urged to implement the May 2024 Hotfix as soon as possible to protect against this and several other vulnerabilities. Using this exploit, a pen tester could simulate an unauthenticated attacker within the same network and execute arbitrary code. Meet the Author PABLO ZURRO Cybersecurity Product Manager Core Security, by Fortra View Profile Related Products Core Impact Related Content Blog Core Impact Monthly Chronicle: Exploits and Updates | June 2024 Blog Core Impact Monthly Chronicle: Exploits and Updates | May 2024 Blog Core Impact Monthly Chronicle: Exploits and Updates | April 2024 Blog Open Source vs. Enterprise: Why Not All Exploits are Created Equal LEARN MORE ABOUT CORE IMPACT WATCH DEMO * Email Us * X Find us on Twitter * LinkedIn Find us on LinkedIn * Facebook Find us on Facebook * YouTube Find us on YouTube PRODUCTS * Access Assurance Suite * Core Impact * Cobalt Strike * Event Manager * Browse All Products SOLUTIONS * IDENTITY GOVERNANCE * PAM * IGA * IAM * Password Management * Vulnerability Management * Compliance * CYBER THREAT * Penetration Testing * Red Team * Phishing * Threat Detection * SIEM RESOURCES * Upcoming Webinars & Events * Corelabs Research * Blog * Training ABOUT * Our Company * Partners * Careers * Accessibility * info@fortra.com Also of Interest * Core Impact Monthly Chronicle: Exploits and... * Core Impact Monthly Chronicle: Exploits and... * Core Impact Monthly Chronicle: Exploits and... SUPPORT PRIVACY POLICY CONTACT IMPRESSUM COOKIE POLICY Copyright © Fortra, LLC and its group of companies. Fortra™, the Fortra™ logos, and other identified marks are proprietary trademarks of Fortra, LLC.