Positive Technologies presented the top trending vulnerabilities.
In July 2024, Positive Technologies identified three vulnerabilities as trending: in the document conversion product Ghostscript, in the hyperconverged Acronis Cyber Infrastructure platform, and in the engine for processing and displaying Windows HTML pages.
Vulnerability in the Windows MSHTML Platform HTML page processing and display engine
CVE-2024-38112 (— 7.5)
It is estimated that this vulnerability can affect about a billion devices, including users of outdated versions of Windows, such as Windows 10, Windows 11 and Windows Server 2022. Exploiting this flaw allows an attacker to deceive the user by sending them a malicious attachment disguised as a PDF file, which can lead to a leak of confidential information. Criminals can use phishing techniques, send emails with dangerous attachments or links to resources under their control.
To fix the vulnerability, we recommend installing official Windows security updates.
Arbitrary code execution vulnerability in the Acronis Cyber Infrastructure
CVE-2023-45249 (— 9.8)
According to the company's official statistics , Acronis services, including ACI, are used by about 20,000 service providers. The vulnerability may affect users of outdated versions.
Exploiting the vulnerability allows an unauthorized attacker to gain access to the ACI server and execute arbitrary code, which can lead to complete control over the system and further development of the attack. The vulnerability is related to the use of a default password, and to fix it, you need to install the latest security updates from Acronis.
Vulnerability in the Ghostscript document conversion software, Artifex
CVE-2024-29510 (CVSS score — 6.3)
Ghostscript document conversion software, which is present on most UNIX hosts, as well as on a significant number of Windows devices, was compromised due to a vulnerability that allows an intruder to exit the sandbox. An attacker can break into a service that uses PostScript or PDF formats and change files in the system, including their encryption. This security flaw is related to the write operation going out of bounds of the memory buffer. The best solution to fix this vulnerability is to update the program to version 10.03.1, for example, for Debian, Ubuntu, Fedora .
General analysis and recommendations
Trending vulnerabilities pose the greatest threat to corporate infrastructure and require rapid response. Positive Technologies experts use a variety of sources to identify such vulnerabilities, including vulnerability databases, security bulletins, social networks, and blogs.
Companies should carefully monitor new vulnerabilities and take prompt action to address them, installing all necessary security updates. This will help avoid potential attacks and protect confidential information stored in their systems.
Source
In July 2024, Positive Technologies identified three vulnerabilities as trending: in the document conversion product Ghostscript, in the hyperconverged Acronis Cyber Infrastructure platform, and in the engine for processing and displaying Windows HTML pages.
Vulnerability in the Windows MSHTML Platform HTML page processing and display engine
CVE-2024-38112 (— 7.5)
It is estimated that this vulnerability can affect about a billion devices, including users of outdated versions of Windows, such as Windows 10, Windows 11 and Windows Server 2022. Exploiting this flaw allows an attacker to deceive the user by sending them a malicious attachment disguised as a PDF file, which can lead to a leak of confidential information. Criminals can use phishing techniques, send emails with dangerous attachments or links to resources under their control.
To fix the vulnerability, we recommend installing official Windows security updates.
Arbitrary code execution vulnerability in the Acronis Cyber Infrastructure
CVE-2023-45249 (— 9.8)
According to the company's official statistics , Acronis services, including ACI, are used by about 20,000 service providers. The vulnerability may affect users of outdated versions.
Exploiting the vulnerability allows an unauthorized attacker to gain access to the ACI server and execute arbitrary code, which can lead to complete control over the system and further development of the attack. The vulnerability is related to the use of a default password, and to fix it, you need to install the latest security updates from Acronis.
Vulnerability in the Ghostscript document conversion software, Artifex
CVE-2024-29510 (CVSS score — 6.3)
Ghostscript document conversion software, which is present on most UNIX hosts, as well as on a significant number of Windows devices, was compromised due to a vulnerability that allows an intruder to exit the sandbox. An attacker can break into a service that uses PostScript or PDF formats and change files in the system, including their encryption. This security flaw is related to the write operation going out of bounds of the memory buffer. The best solution to fix this vulnerability is to update the program to version 10.03.1, for example, for Debian, Ubuntu, Fedora .
General analysis and recommendations
Trending vulnerabilities pose the greatest threat to corporate infrastructure and require rapid response. Positive Technologies experts use a variety of sources to identify such vulnerabilities, including vulnerability databases, security bulletins, social networks, and blogs.
Companies should carefully monitor new vulnerabilities and take prompt action to address them, installing all necessary security updates. This will help avoid potential attacks and protect confidential information stored in their systems.
Source
