The U.S. Cybersecurity and Infrastructure Security Agency added a critical security flaw in ScienceLogic SL1 to its Known Exploited Vulnerabilities catalog due to active zero-day exploitation.
This vulnerability, CVE-2024-9537, has a severity score of 9.3 and could lead to remote code execution via an unspecified third-party component.
Rackspace acknowledged an issue with the ScienceLogic EM7 Portal, which resulted in unauthorized access to their internal performance reporting systems due to the exploit.
Federal Civilian Executive Branch agencies must apply the fixes for this vulnerability by November 11, 2024, to mitigate risks to their networks.
[
Collection
]
[
|
...
]