A recently disclosed critical security flaw in the Aviatrix Controller cloud networking platform is being actively exploited, enabling attackers to deploy backdoors and cryptocurrency miners.
The vulnerability, CVE-2024-50603, with a CVSS score of 10.0, allows unauthenticated remote code execution due to insufficient input sanitization in certain API endpoints.
Recent data indicates that approximately 3% of cloud enterprise environments have the Aviatrix Controller deployed, with 65% of those showing paths to escalate privileges within the cloud environment.
Researchers have noted that real-world attacks exploiting this vulnerability primarily deploy cryptocurrency miners and the Sliver command-and-control framework, indicating a significant risk of data exfiltration.