Fortra® Security & Trust Center

Emerging Threats

UNIX System Vulnerabilities via CUPS

Fortra is actively researching several vulnerabilities in UNIX systems. These vulnerabilities can allow a remote unauthenticated attacker to achieve remote code execution via a UDP packet to port 631 if the CUPS port is open. LAN attacks are also possible via spoofing zeroconf / mDNS / DNS-SD advertisements. Customers are advised to update the CUPS package to mitigate these vulnerabilities.

Security Advisory

Medium to High Integrity Privilege Escalation in Microsoft Windows

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.

Security Advisory

Insecure Default in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)

The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software. The HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However,...

Blog

Patch Tuesday Update August 2024

The three CVSS 9.8 vulnerabilities included in this month’s patch drop are likely to be the first thing that catches anyone’s attention this month. All three are remote, unauthenticated code execution, the very type of vulnerability where we previously would have used the word, “wormable.”

Security Advisory

Authentication bypass in GoAnywhere MFT prior to 7.6.0

An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification.

Security Advisory

Denial of Service in CLFS.sys

A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.

Emerging Threats

VMware Active Directory Vulnerability

Fortra is actively researching an authentication bypass vulnerability in VMware – CVE-2024-37085. This vulnerability can allow an attacker to bypass Active Directory integration authentication and obtain administrative access to a host. Updates from VMware and additional mitigation steps are available.

Blog

Patch Tuesday Update July 2024

The first thing that everyone’s going to talk about this month is SQL Server. More than a quarter of the CVEs assigned by Microsoft this month describe SQL Server vulnerabilities. Thankfully, none of them are critical based on their CVSS scores and they’re all listed as “Exploitation Less Likely.”