Man
Professional
- Messages
- 3,070
- Reaction score
- 606
- Points
- 113
Attackers could gain unauthorized access to company servers.
Positive Technologies has detected a cyberattack on a Russian company targeting the VINTEO video conferencing system. A detailed analysis of the traffic showed that two dangerous vulnerabilities in the VINTEO video conferencing system were exploited for the hack.
According to the company, the incident occurred in 2024. The activity recorded by the PT ESC expert indicated the beginning of active actions of the attackers and a specific attack. Within 10 hours of the start of the incident, the Positive Technologies expert team received the necessary data from the client, confirmed the information security incident and the exploitation of a previously unknown vulnerability, and the information security threat response team of the Positive Technologies Security Expert Center (PT ESC IR) began an investigation.
Two vulnerabilities were exploited in the attack. The first is related to SQL injection ( BDU:2024-08421 , 9.8 on the CVSS 3.0 scale), and the second ( BDU:2024-08422 , 8.1 on the CVSS 3.0 scale) is related to the execution of arbitrary code with maximum privileges in the system. The combination of the two vulnerabilities allowed an attacker to execute malicious code without authorization in the system.
"Exploitation of vulnerabilities could allow an attacker to gain significant privileges to access the server on which the video conferencing system is installed, which increased the risks to the customers' infrastructure," Positive Technologie noted. VINTEO specialists eliminated vulnerabilities in a short time and prevented possible infection of Russian companies.
To fix the vulnerabilities, you need to install VINTEO version 29.3.6 or later. If this is not possible, it is strongly recommended to use a firewall to close access to the video conferencing system from the global network.
Source
Positive Technologies has detected a cyberattack on a Russian company targeting the VINTEO video conferencing system. A detailed analysis of the traffic showed that two dangerous vulnerabilities in the VINTEO video conferencing system were exploited for the hack.
According to the company, the incident occurred in 2024. The activity recorded by the PT ESC expert indicated the beginning of active actions of the attackers and a specific attack. Within 10 hours of the start of the incident, the Positive Technologies expert team received the necessary data from the client, confirmed the information security incident and the exploitation of a previously unknown vulnerability, and the information security threat response team of the Positive Technologies Security Expert Center (PT ESC IR) began an investigation.
Two vulnerabilities were exploited in the attack. The first is related to SQL injection ( BDU:2024-08421 , 9.8 on the CVSS 3.0 scale), and the second ( BDU:2024-08422 , 8.1 on the CVSS 3.0 scale) is related to the execution of arbitrary code with maximum privileges in the system. The combination of the two vulnerabilities allowed an attacker to execute malicious code without authorization in the system.
"Exploitation of vulnerabilities could allow an attacker to gain significant privileges to access the server on which the video conferencing system is installed, which increased the risks to the customers' infrastructure," Positive Technologie noted. VINTEO specialists eliminated vulnerabilities in a short time and prevented possible infection of Russian companies.
To fix the vulnerabilities, you need to install VINTEO version 29.3.6 or later. If this is not possible, it is strongly recommended to use a firewall to close access to the video conferencing system from the global network.
Source
