Internet Storm Center Spotlight



ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

"Mouse Logger" Malicious Python Script

Published: 2024-07-24

Last Updated: 2024-07-24 06:45:59 UTC

by Xavier Mertens (Version: 1)

Keylogging is a pretty common feature of many malware families because recording the keys pressed on a keyboard may reveal a lot of interesting information like usernames, passwords, etc. Back from SANSFIRE, I looked at my backlog of hunting results and found an interesting piece of Python malware. This one implements a keylogger and a screenshot grabber but also... a "mouse logger"! By mouse logger, I mean that it can collect activity generated by the user's mouse.

The attacker uses the classic Python module pynput ...

Read the full entry:

https://isc.sans.edu/diary/Mouse+Logger+Malicious+Python+Script/31106/

Widespread Windows Crashes Due to CrowdStrike Updates

Published: 2024-07-19

Last Updated: 2024-07-19 16:59:59 UTC

by Johannes Ullrich (Version: 1)

Last night, endpoint security company CrowdStrike released an update that is causing widespread "blue screens of death" (BSOD) on Windows systems. CrowdStrike released an advisory, which is only available after logging into the CrowdStrike support platform. A brief public statement can be found here.

CrowdStrike has now also published a detailed public document with tips to recover:

https://www.crowdstrike.com/blog/statement-on-falcon-content-update-for-windows-hosts/

---

Update: Some reports we have seen indicate that there may be phishing emails circulating claiming to come from "CrowdStrike Support" or "CrowdStrike Security". I do not have any samples at this point, but attackers are likely leveraging the heavy media attention. Please be careful with any "patches" that may be delivered this way.

One domain possibly associated with these phishing attacks is ...

---

Linux and macOS systems are not affected by this issue.

The quickest fix appears to be to boot the system into "Windows Safemode with Network". This way, CrowdStrike will not start, but the current version may be downloaded and applied, which will fix the issue. This "quick version" of the fix is not part of CrowdStrike's recommendations but may be worth a try if you have many systems to apply the fix to or if you need to talk a non-computer-savvy person through the procedure. Some users have reported that this will succeed.

Casimir Pulaski (@cybermactex) mentioned on X that a simple reboot sometimes works if the latest update was downloaded before the system crashed.

The support portal statement offers the following steps to get affected systems back into business ...

Read the full entry:

https://isc.sans.edu/diary/Widespread+Windows+Crashes+Due+to+Crowdstrike+Updates/31094/

CrowdStrike: The Monday After

Published: 2024-07-22

Last Updated: 2024-07-22 17:06:26 UTC

by Johannes Ullrich (Version: 1)

Last Friday, CrowdStrike released a bad sensor configuration update that caused widespread crashes of Windows systems. The most visible effects of these crashes appear to have been mitigated. I am sure many IT workers had to spend the weekend remediating the issue.

It is still early regarding the incident response part, but I would like to summarize some of the important facts we know and some lessons learned.

You are likely affected if the CrowdStrike sensor system retrieved updates between 0409 and 0527 UTC on Friday, July 19th. CrowdStrike allows users to configure a sensor update policy, which will delay the update of the sensor software. But the corrupt file was a configuration ("signature") update, not an update of the sensor itself. Configuration updates are always applied as soon as they are released. Customers do not have an option to delay these updates. Systems crashed because a kernel driver provided by CrowdStrike crashed as it read the malformed configuration file.

Since news of the incident broke, CrowdStrike has been updating and expanding its guidance. Your first stop should be CrowdStrike's "Remediation and Guidance Hub". It will link to all the resources CrowdStrike has to offer. Yesterday, CrowdStrike announced that they will soon offer a new, accelerated technique for recovery. As I write this, the new technique has not been published. CrowdStrike did provide a new dashboard to affected users to track systems affected by the update.

Microsoft developed a USB solution to simplify the process. To apply the update, systems must be booted from the USB key. However, BitLocker-encrypted hosts may require a recovery key.

BitLocker is the major hurdle to a speedy recovery for many affected organizations. Ben Watsons posted on LinkedIn that his organization came up with a way to use a barcode scanner to simplify entering the recovery keys. I do not believe that the related code to create the barcodes is public.

Read the full entry:

https://isc.sans.edu/diary/CrowdStrike+The+Monday+After/31098/

Internet Storm Center Entries


New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273) (2024.07.23)

https://isc.sans.edu/diary/New+Exploit+Variation+Against+DLink+NAS+Devices+CVE20243273/31102/

Recent CVEs


The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

CVE-2024-3273 - D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L are vulnerable to a critical command injection flaw in the /cgi-bin/nas_sharing.cgi file via an unsupported HTTP GET Request Handler function, allowing remote attackers to exploit it even though the products are no longer supported by the vendor.

Product: D-Link DNS-320L

CVSS Score: 0

** KEV since 2024-04-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3273

ISC Diary: https://isc.sans.edu/diary/31102

ISC Podcast: https://isc.sans.edu/podcastdetail/9066

CVE-2024-20401 - Cisco Secure Email Gateway is vulnerable to remote attackers overwriting arbitrary files on the underlying operating system due to improper handling of email attachments, potentially leading to unauthorized access, configuration modification, code execution, or a denial of service situation requiring manual recovery.

Product: Cisco Secure Email Gateway

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20401

ISC Podcast: https://isc.sans.edu/podcastdetail/9058

NVD References: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH

CVE-2024-20419 - Cisco Smart Software Manager On-Prem (SSM On-Prem) has a vulnerability that allows unauthenticated attackers to change any user's password, including administrative users, due to improper implementation of the password-change process.

Product: Cisco Smart Software Manager On-Prem (SSM On-Prem)

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20419

ISC Podcast: https://isc.sans.edu/podcastdetail/9058

NVD References: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy

CVE-2024-22442 - The vulnerability in HPE 3PAR Service Processor Software could be remotely exploited to bypass authentication.

Product: HPE 3PAR Service Processor Software

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22442

NVD References: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04663en_us&docLocale=en_US

CVE-2024-33180 - Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo.

Product: Tenda AC18

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33180

NVD References: https://palm-vertebra-fe9.notion.site/saveParentControlInfo_1-7c9695d0251945ae8006db705b9b80ac

CVE-2024-33182 - Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter.

Product: Tenda AC18

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33182

NVD References: https://palm-vertebra-fe9.notion.site/addWifiMacFilter_1-067fa6984f0d4933b88c63efd7486479

CVE-2024-35338 - Tenda i29 v1.0 V1.0.0.5 was discovered to contain a hardcoded password for root.

Product: Tenda i29

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35338

NVD References: https://palm-vertebra-fe9.notion.site/hardcode_i29-e1ed38dde00145d9a6be1ad2b4581259

CVE-2024-39700 - The JupyterLab extension template, when used with the `copier` test option, has an RCE vulnerability in the `update-integration-tests.yml` workflow; authors of GitHub-hosted extensions are urged to upgrade to the latest version.

Product: JupyterLab copier

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-39700

NVD References:

- https://github.com/jupyterlab/extension-template/commit/035e78c1c65bcedee97c95bb683abe59c96bc4e6

- https://github.com/jupyterlab/extension-template/security/advisories/GHSA-45gq-v5wm-82wg

CVE-2024-21181 - The Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core) has an easily exploitable vulnerability that allows unauthenticated attackers with network access via T3, IIOP to compromise the server and potentially take it over.

Product: Oracle WebLogic Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21181

NVD References: https://www.oracle.com/security-alerts/cpujul2024.html

CVE-2024-6801 - SourceCodester Online Student Management System 1.0 is vulnerable to an unrestricted file upload issue in /add-students.php due to manipulation of the argument image, allowing for remote attacks with a critical impact (VDB-271703).

Product: Online Student Management System Project

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6801

NVD References:

- https://github.com/aaajuna/demo/issues/1

- https://vuldb.com/?ctiid.271703

- https://vuldb.com/?id.271703

- https://vuldb.com/?submit.374774

CVE-2024-6802 - SourceCodester Computer Laboratory Management System 1.0 is susceptible to a critical SQL injection vulnerability in the save_record function of Master.php, allowing for remote attacks.

Product: Computer Laboratory Management System Project

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6802

NVD References:

- https://reports-kunull.vercel.app/CVE%20research/2024/cve-2024-6802

- https://vuldb.com/?ctiid.271704

- https://vuldb.com/?id.271704

- https://vuldb.com/?submit.374797

CVE-2024-6803 - itsourcecode Document Management System 1.0 is susceptible to a critical SQL injection vulnerability in the file insert.php, allowing for remote attacks.

Product: itsourcecode Document Management System 1.0

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6803

NVD References:

- https://github.com/hzy11111111/cve/issues/3

- https://vuldb.com/?ctiid.271705

- https://vuldb.com/?id.271705

- https://vuldb.com/?submit.374809

CVE-2024-6808 - itsourcecode Simple Task List 1.0 is vulnerable to a critical SQL injection in the insertUserRecord function of signUp.php, allowing remote attackers to exploit the argument username.

Product: itsourcecode Simple Task List 1.0

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6808

NVD References:

- https://github.com/qianqiusujiu/cve/issues/1

- https://vuldb.com/?ctiid.271707

- https://vuldb.com/?id.271707

- https://vuldb.com/?submit.375154

CVE-2024-6220 - The Keydatas plugin for WordPress allows arbitrary file uploads, putting servers at risk of remote code execution.

Product: Keydatas

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6220

NVD References:

- https://plugins.trac.wordpress.org/browser/keydatas/trunk/keydatas.php

- https://www.wordfence.com/threat-intel/vulnerabilities/id/49ae7971-7bdf-4369-b04b-fb48ea5b9518?source=cve

CVE-2024-5471 - Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to an agent takeover vulnerability due to hard-coded sensitive keys.

Product: Zohocorp ManageEngine DDI Central

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5471

NVD References: https://www.manageengine.com/dns-dhcp-ipam/security-updates/cve-2024-5471.html

CVE-2024-23466 - SolarWinds Access Rights Manager (ARM) is vulnerable to Directory Traversal Remote Code Execution, enabling unauthorized users to execute commands with SYSTEM privileges.

Product: SolarWinds Access Rights Manager

CVSS Score: 9.6

AtRiskScore: 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23466

NVD References: https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm

CVE-2024-23467 - SolarWinds Access Rights Manager allows unauthenticated users to remotely execute code due to a Directory Traversal and Information Disclosure Vulnerability.

Product: SolarWinds Access Rights Manager

CVSS Score: 9.6

AtRiskScore: 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23467

NVD References: https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm

CVE-2024-23469 - SolarWinds Access Rights Manager (ARM) is vulnerable to remote code execution, enabling unauthorized users to gain SYSTEM privileges.

Product: SolarWinds Access Rights Manager

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23469

NVD References: https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm

CVE-2024-23470 - SolarWinds Access Rights Manager is vulnerable to a pre-authentication remote code execution flaw allowing unauthorized users to run commands and executables.

Product: SolarWinds Access Rights Manager

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23470

NVD References: https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm

CVE-2024-23471 - SolarWinds Access Rights Manager is vulnerable to remote code execution by an authenticated user.

Product: SolarWinds Access Rights Manager

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23471

NVD References: https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm

CVE-2024-23472 - SolarWinds Access Rights Manager (ARM) is vulnerable to a Directory Traversal flaw that enables authenticated users to read and delete files at will.

Product: SolarWinds Access Rights Manager

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23472

NVD References: https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm

CVE-2024-23475 - SolarWinds Access Rights Manager is vulnerable to file deletion and information leakage by unauthenticated users.

Product: SolarWinds Access Rights Manager

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23475

NVD References: https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm

CVE-2024-28074 - SolarWinds Access Rights Manager is still vulnerable: a researcher bypassed the implemented controls and exploited the vulnerability using an alternative method.

Product: SolarWinds Access Rights Manager

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28074

NVD References: https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm

CVE-2024-6834 - APIML Spring Cloud Gateway vulnerability allows users to bypass authentication and access internal endpoints using Zowe client certificates.

Product: APIML Spring Cloud Gateway

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6834

NVD References: https://github.com/zowe/api-layer

CVE-2024-39907 & CVE-2024-39911 - 1Panel is vulnerable to SQL injections.

Product: 1Panel web-based Linux server management control panel

CVSS Score: 9.8 - 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-39907

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-39911

NVD References:

- https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-5grx-v727-qmq6

- https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-7m53-pwp6-v3f5

CVE-2024-40628 - JumpServer allows an attacker to exploit the ansible playbook to read arbitrary files in the celery container, leading to sensitive information disclosure.

Product: JumpServer

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-40628

NVD References: https://github.com/jumpserver/jumpserver/security/advisories/GHSA-rpf7-g4xh-84v9

CVE-2024-40629 - JumpServer allows attackers to gain remote code execution by exploiting an Ansible playbook vulnerability in the Celery container, potentially leading to unauthorized access and data theft.

Product: JumpServer

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-40629

NVD References: https://github.com/jumpserver/jumpserver/security/advisories/GHSA-3wgp-q8m7-v33v

CVE-2024-5618 - PruvaSoft Informatics Apinizer Management Console before 2024.05.1 allows unauthorized access to critical resources due to incorrect permission assignments.

Product: PruvaSoft Informatics Apinizer Management Console

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5618

NVD References: https://www.usom.gov.tr/bildirim/tr-24-1010

CVE-2024-5619 - PruvaSoft Informatics Apinizer Management Console before 2024.05.1 is vulnerable to an Authorization Bypass vulnerability due to user-controlled key manipulation and incorrectly configured access control security levels.

Product: PruvaSoft Informatics Apinizer Management Console

CVSS Score: 9.6

AtRiskScore: 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5619

NVD References: https://www.usom.gov.tr/bildirim/tr-24-1010

CVE-2024-0857 - FlexWater Corporate Water Management by Universal Software Inc. is vulnerable to SQL Injection through 18072024, with the vendor failing to respond to disclosure attempts.

Product: Universal Software Inc. FlexWater Corporate Water Management

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-0857

NVD References: https://www.usom.gov.tr/bildirim/tr-24-1011

CVE-2024-6205 - The PayPlus Payment Gateway WordPress plugin is vulnerable to SQL injection via a WooCommerce API route accessible to unauthenticated users.

Product: PayPlus Payment Gateway WordPress plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6205

NVD References: https://wpscan.com/vulnerability/7e2c5032-2917-418c-aee3-092bdb78a087/

CVE-2024-6636 - The WooCommerce - Social Login plugin for WordPress allows unauthenticated attackers to change the default role to Administrator by exploiting a missing capability check on the 'woo_slg_login_email' function in versions up to 2.7.3.

Product: WooCommerce Social Login plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6636

NVD References:

- https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin/8495883

- https://www.wordfence.com/threat-intel/vulnerabilities/id/77ea4ba8-6c13-494a-92e3-12643003635b?source=cve

CVE-2024-38437 & CVE-2024-38438 - D-Link Authentication Bypass vulnerabilities

Product: D-Link

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38437

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38438

NVD References: https://www.gov.il/en/Departments/faq/cve_advisories

CVE-2024-38773 - Adrian Tobey FormLift for Infusionsoft Web Forms is vulnerable to Blind SQL Injection from versions n/a through 7.5.17.

Product: Adrian Tobey FormLift

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38773

NVD References: https://patchstack.com/database/vulnerability/formlift/wordpress-formlift-plugin-7-5-17-unauthenticated-blind-sql-injection-vulnerability?_s_id=cve

CVE-2024-37998 - CPCI85 Central Processing/Communication (All versions < V5.40) and SICORE Base system (All versions < V1.4.0) are vulnerable to unauthorized password resets, allowing attackers to gain administrative access.

Product: CPC iFIX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37998

NVD References: https://cert-portal.siemens.com/productcert/html/ssa-071402.html

CVE-2024-21552 - SuperAGI is vulnerable to Arbitrary Code Execution through unsafe use of the `eval` function, allowing an attacker to gain arbitrary code execution on the application server.

Product: SuperAGI

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21552

NVD References:

- https://github.com/TransformerOptimus/SuperAGI/blob/9361f0491716e56bd0c0ae2f3b49da201a18c58c/superagi/agent/output_handler.py#L149

- https://github.com/TransformerOptimus/SuperAGI/blob/9361f0491716e56bd0c0ae2f3b49da201a18c58c/superagi/agent/output_handler.py#L180

CVE-2024-26020 - Anki 24.04 is vulnerable to arbitrary script execution through specially crafted flashcards, allowing attackers to trigger arbitrary code execution.

Product: Ankitects Anki

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26020

NVD References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1993

CVE-2024-39685 & CVE-2024-39686 - Bert-VITS2 arbitrary command execution vulnerabilities

Product: fishaudio Bert-VITS2

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-39685

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-39686

NVD References:

- https://github.com/fishaudio/Bert-VITS2/blob/3f8c537f4aeb281df3fb3c455eed9a1b64871a81/webui_preprocess.py#L46-L52

- https://github.com/fishaudio/Bert-VITS2/blob/76653b5b6d657143721df2ed6c5c246b4b1d9277/webui_preprocess.py#L130-L133

- https://securitylab.github.com/advisories/GHSL-2024-045_GHSL-2024-047_fishaudio_Bert-VITS2/

- https://github.com/fishaudio/Bert-VITS2/blob/3f8c537f4aeb281df3fb3c455eed9a1b64871a81/webui_preprocess.py#L82C9-L82C57

CVE-2024-6793 - NI VeriStand DataLogging Server is vulnerable to remote code execution due to a deserialization of untrusted data issue, requiring an attacker to send a specially crafted message to exploit the vulnerability.

Product: National Instruments NI VeriStand

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6793

NVD References: https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerabilities-in-ni-veristand.html

CVE-2024-6794 - NI VeriStand Waveform Streaming Server is susceptible to a deserialization vulnerability, allowing remote code execution through specially crafted messages in versions up to 2024 Q2.

Product: National Instruments NI VeriStand

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6794

NVD References: https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/deserialization-of-untrusted-data-vulnerabilities-in-ni-veristand.html

CVE-2024-6806 - NI VeriStand Gateway is susceptible to unauthorized actors accessing Project resources, potentially leading to remote code execution in versions up to 2024 Q2.

Product: NI VeriStand

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6806

NVD References: https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/missing-authorization-checks-in-ni-veristand-gateway.html

CVE-2024-38164 - GroupMe is vulnerable to an improper access control issue that enables unauthenticated attackers to elevate privileges by tricking users into clicking on a malicious link.

Product: GroupMe

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38164

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/