Progress Software this week released patches for a critical-severity vulnerability in Flowmon that could allow remote, unauthenticated attackers to gain access to systems.
A widely used network monitoring and security solution, Flowmon includes analytics, reporting, and monitoring capabilities, allowing administrators to visualize network data and deal with cyber threats.
Tracked as CVE-2024-2389 and said to have the highest severity rating (CVSS score of 10/10), the recently fixed bug is described as an OS command injection issue leading to unauthorized access to the system via the platform’s web interface.
“Unauthenticated, remote attackers can gain access to the web interface of Flowmon to issue a carefully crafted API command that will allow arbitrary system commands to be executed without authentication,” Progress explains in its advisory.
Attackers could exploit this vulnerability to exfiltrate sensitive information, including network configuration details that could potentially lead to additional attacks across the network, threat intelligence firm SOCRadar notes.
According to Progress, the security defect impacts Flowmon versions 11.x and 12.x; appliance releases prior to version 11.0 are not affected.
“Currently, we have not received any reports that this vulnerability has been exploited, and we are not aware of any direct impacts on customers,” the vendor’s advisory reads.
The vulnerability was addressed with the release of Flowmon versions 11.1.14 and 12.3.5, which can be immediately installed using the appliance’s automatic update feature. Manual downloads are also available.
Given the severity of CVE-2024-2389, users are advised to update their Flowmon appliances as soon as possible.
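To turn the affected and fixed version ranges reported above into an inventory check, here is an added example (written for this page, not tooling from Progress or part of Flowmon) that classifies a Flowmon version string against CVE-2024-2389. It assumes only what the advisory states: 11.x and 12.x are affected, releases before 11.0 are not, and 11.1.14 and 12.3.5 are the first fixed builds on their branches. The function names, the `FIXED` table and the inventory entries are constructed for illustration; any branch the advisory does not mention is reported as "unknown" rather than guessed.

```python
# Added example: CVE-2024-2389 exposure check for Flowmon version strings.
# Not Progress's code. Ranges come from the advisory as reported in the article:
#   - releases prior to 11.0 are not affected
#   - 11.x is fixed in 11.1.14, 12.x is fixed in 12.3.5
import re

# First fixed release on each affected major branch (from the advisory).
FIXED = {11: (11, 1, 14), 12: (12, 3, 5)}


def parse_version(s):
    """Parse 'major.minor[.patch][suffix]' into a comparable int tuple.

    A missing patch component is treated as 0; any trailing build suffix
    (e.g. '-rc1') is ignored, so pre-release builds compare like the release.
    """
    m = re.fullmatch(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?.*", s)
    if not m:
        raise ValueError(f"unrecognised version string: {s!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def cve_2024_2389_status(version):
    """Return 'not affected', 'vulnerable', 'patched' or 'unknown'."""
    v = parse_version(version)
    major = v[0]
    if major < 11:
        return "not affected"  # advisory: nothing before 11.0 is affected
    if major not in FIXED:
        return "unknown"  # branch not covered by the advisory text; verify manually
    return "vulnerable" if v < FIXED[major] else "patched"


def hosts_needing_update(inventory):
    """Return the (hostname, version) pairs that are still vulnerable.

    inventory: iterable of (hostname, version_string) pairs, e.g. exported
    from an asset database. Order is preserved.
    """
    return [(h, v) for h, v in inventory if cve_2024_2389_status(v) == "vulnerable"]


# Constructed sample inventory (hypothetical hostnames and versions).
SAMPLE_INVENTORY = [
    ("flowmon-dc1", "11.1.13"),
    ("flowmon-dc2", "11.1.14"),
    ("flowmon-lab", "12.3.4"),
    ("flowmon-hq", "12.3.5"),
    ("flowmon-old", "10.3.7"),
]

if __name__ == "__main__":
    for host, ver in SAMPLE_INVENTORY:
        print(f"{host:<12} {ver:<8} {cve_2024_2389_status(ver)}")
    print("needs update:", hosts_needing_update(SAMPLE_INVENTORY))
```

Feeding the script an export of appliance versions gives a list of hosts to push the automatic update to first; anything reported as "unknown" should be checked against the vendor advisory rather than assumed safe.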
This week, Progress revealed that Flowmon is not affected by the XZ Utils backdoor that slipped into some Linux distributions, and which is tracked as CVE-2024-3094.
Related: Ivanti Patches Critical Vulnerabilities in Standalone Sentry, Neurons for ITSM
Related: Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server
Related: Fortinet Patches Critical Vulnerabilities Leading to Code Execution