"CVE-2024-7694 is a high-severity arbitrary file-upload issue affecting TeamT5's ThreatSonar Anti-Ransomware product. The issue was patched in August 2024. "ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server," reads an advisory published at the time of patching by Taiwan's TWCERT/CC."
"A vulnerability affecting the ThreatSonar Anti-Ransomware product of Taiwan-based cybersecurity firm TeamT5 has been exploited in the wild, the US cybersecurity agency CISA warned on Tuesday. CISA added the ThreatSonar Anti-Ransomware flaw, tracked as CVE-2024-7694, to its Known Exploited Vulnerabilities (KEV) catalog and instructed federal agencies to address it by March 10. TeamT5's website indicates that the company's threat intelligence and protection solutions are used in"
CVE-2024-7694 is a high-severity arbitrary file-upload vulnerability in TeamT5's ThreatSonar Anti-Ransomware that has been exploited in the wild. CISA added the flaw to its Known Exploited Vulnerabilities catalog and directed federal agencies to remediate by March 10. TeamT5's threat intelligence and protection solutions are deployed in the United States, Japan, and Taiwan, including government agencies. The vulnerability was patched in August 2024. Exploitation requires administrator privileges on the product platform, allowing uploaded malicious files to execute arbitrary system commands. The flaw has likely been chained with another vulnerability. No public details on specific attacks are available. Speculation about China-linked actors lacks supporting evidence. Responses from TeamT5 and TWCERT/CC may be delayed by Lunar New Year.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]