The US cybersecurity authority CISA has issued warnings about ongoing attacks targeting vulnerabilities in Linux, Apache OFBiz, .NET, and Paessler PRTG. IT administrators are advised to check and apply the latest security updates immediately to mitigate these threats. Affected: Linux, Apache OFBiz, .NET, Paessler PRTG
Keypoints :
- CISA warns of observed attacks exploiting vulnerabilities in Linux, Apache OFBiz, Microsoft .NET Framework, and Paessler PRTG.
- Specific vulnerability identified in the Linux kernel related to the USB Video Class driver (CVE-2024-53104).
- Vulnerabilities in Apache OFBiz (CVE-2024-45195), .NET Framework (CVE-2024-29059), and Paessler PRTG (multiple CVEs) were also noted.
- Software updates are available to mitigate these vulnerabilities.
- IT administrators need to ensure that software updates have been applied to protect against these exploits.
- There is a consistent issue with timely updates, as many admin users fall behind on applying updates.
MITRE Techniques :
- TA0001 – Initial Access: Exploiting vulnerable software to gain access to systems.
- TA0002 – Execution: Executing arbitrary code via weaknesses in software such as Apache OFBiz, .NET Framework, etc.
- TA0003 – Persistence: Maintaining access through manipulation of vulnerable applications.
Indicator of Compromise :
- [CVE] CVE-2024-53104
- [CVE] CVE-2024-45195
- [CVE] CVE-2024-29059
- [CVE] CVE-2018-9276
- [CVE] CVE-2018-19410