Overview
Check Point has released security advisories relating to ongoing exploitation attempts against devices in the Quantum and CloudGuard family of products owing to a high-severity vulnerability, namely CVE-2024-24919.
CloudGuard is a SaaS platform that provides unified, cloud-native security across applications, workloads, and networks.
This vulnerability affects any Check Point Security Gateway device that has IPsec VPN blade enabled when included in the Remote Access VPN community or those devices where Mobile Access Software Blade is enabled. Check Point has provided details of a hotfix and outlined several defensive measures.
Linux Kernel is affected by a high-severity vulnerability (CVE-2024-1086), which is currently being exploited, that could allow an attacker to achieve local privilege escalation.
Oracle has reported a high-severity, command-injection vulnerability (CVE-2017-3506) that affects the Oracle Weblogic Server.
WordPress: owing to critical vulnerability, CVE-2024-3820, the WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to SQL Injection via the 'id_key' parameter of the wdt_delete_table_row AJAX action in all versions up to, and including, 6.3.1 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This only affects the premium version of the plugin.
Progress has reported a critical, authentication bypass (by spoofing) vulnerability that affects the Progress Telerik Report Server, version Q1 or earlier.
Recommended Action
Organisations are encouraged to review the appropriate security advisory pages and apply the updates:
Check Point – Security Blog and Support Center - Preventative Hotfix
Linux Kernel – Git.kernel.org and NIST Database
Oracle – Security Advisory
WordPress – Wordfence Threat Intel
Progress – Telerik Knowledge Base
If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.