Platform: drupal
Component: drupal
Fixed in: 10.2.11, 10.3.9, 11.0.8
CVE-2024-55636 describes a potential PHP Object Injection vulnerability discovered in Drupal Core. While not directly exploitable on its own, successful exploitation, combined with another vulnerability allowing unsafe input to unserialize(), could lead to arbitrary file deletion. This vulnerability affects Drupal Core versions up to 9.5.9 and is addressed in version 10.2.11.
The primary impact of CVE-2024-55636 lies in the potential for arbitrary file deletion. An attacker, possessing a separate vulnerability to inject malicious data into the unserialize() function, could leverage this object injection to target and delete critical system files or user data. The blast radius is dependent on the attacker's ability to exploit the prerequisite vulnerability and the permissions of the Drupal process. While no direct exploit exists within Drupal core, the possibility of chaining this vulnerability with others presents a significant risk, particularly in environments with complex configurations or third-party modules.
CVE-2024-55636 was published on December 10, 2024. It is not currently listed on KEV or EPSS, indicating a low to medium probability of exploitation. Public proof-of-concept (POC) exploits are not currently known, but the vulnerability's potential for chaining with other exploits warrants careful monitoring. The NVD entry provides further details and potential attack vectors.
Organizations running Drupal Core versions 9.5.9 and earlier, particularly those with complex module configurations or custom code that might introduce vulnerabilities allowing input to unserialize(), are at risk. Shared hosting environments utilizing Drupal Core are also potentially vulnerable due to the shared nature of the infrastructure.
Disclosure
Exploit status
EPSS: 8.79% (92nd percentile)
CVSS vector
The immediate mitigation for CVE-2024-55636 is to upgrade Drupal Core to version 10.2.11 or later. This version includes type declarations for properties in core classes, which helps prevent object injection. If upgrading is not immediately feasible, consider implementing strict input validation and sanitization to prevent malicious data from reaching the unserialize() function. While a WAF or proxy cannot directly prevent this vulnerability, they can help detect and block attempts to exploit it by monitoring for suspicious unserialization patterns. After upgrading, confirm the fix by attempting to trigger the vulnerability with a known malicious payload (if available) and verifying that the file deletion is prevented.
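The two defensive measures the mitigation paragraph names (type declarations on class properties, and keeping untrusted data away from an unrestricted unserialize()) can be seen in a few lines of PHP. The snippet below is an added example and is not Drupal's code: `CachedSettings` is a hypothetical value object standing in for a core class, `safeUnserialize()` is an assumed helper, and the three serialized payloads are constructed for the demonstration. It relies on two documented PHP features: the `allowed_classes` option of unserialize() (PHP 7.0+), and the enforcement of declared property types during unserialization (PHP 7.4+), which rejects a forged object whose property values do not match the declared types.

```php
<?php
// Added example, not Drupal core code.
// Demonstrates (1) restricting which classes unserialize() may instantiate and
// (2) typed properties rejecting a payload whose values do not fit the declared types.

declare(strict_types=1);

// Hypothetical value object standing in for a core class (not a real Drupal class).
final class CachedSettings
{
    public function __construct(
        public string $path = '',   // typed: an array or object cannot be injected here
        public int $ttl = 0,
    ) {}
}

/**
 * Deserialize data that is expected to contain only a CachedSettings instance.
 * Any other class name in the payload is materialised as __PHP_Incomplete_Class,
 * so no __wakeup()/__destruct() code from an unexpected class ever runs.
 * A typed-property mismatch surfaces as a TypeError, which we treat as tampering.
 */
function safeUnserialize(string $data): ?CachedSettings
{
    try {
        $value = unserialize($data, ['allowed_classes' => [CachedSettings::class]]);
    } catch (TypeError $e) {
        // Declared property type rejected the supplied value.
        return null;
    }
    return $value instanceof CachedSettings ? $value : null;
}

// Constructed sample payloads for the demonstration.
// Well-formed, built with serialize() from a legitimate object.
$legit = serialize(new CachedSettings('/var/www/cache', 300));
// Same class, but 'path' replaced by an array: does not satisfy "string $path".
$badType = 'O:14:"CachedSettings":2:{s:4:"path";a:0:{}s:3:"ttl";i:300;}';
// A class that is not on the allow-list.
$foreign = 'O:9:"SomeOther":1:{s:4:"file";s:12:"/tmp/example";}';

$results = [
    'legit'   => safeUnserialize($legit),
    'badType' => safeUnserialize($badType),
    'foreign' => safeUnserialize($foreign),
];

foreach ($results as $label => $value) {
    printf("%-8s => %s\n", $label, $value === null ? 'rejected' : 'accepted');
}
```

Only the first payload is accepted: the second fails the `string $path` declaration and the third is reduced to an incomplete-class placeholder that never passes the `instanceof` check. In a real code base the allow-list would name the specific classes a given storage layer legitimately persists, and the upgrade to the fixed Drupal release remains the primary control; this pattern is defence in depth for custom or third-party code that calls unserialize() itself.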
Update Drupal Core to the latest available version. For versions 8.x through 10.2.x, update to version 10.2.11 or later. For versions 10.3.x, update to version 10.3.9 or later. For versions 11.0.x, update to version 11.0.8 or later.
CVE-2024-55636 is a critical vulnerability in Drupal Core where an attacker who can combine it with another exploit could potentially delete files. It requires a separate vulnerability to be exploitable.
If you are running Drupal Core versions 9.5.9 or earlier, you are potentially affected. Upgrade to 10.2.11 or later to mitigate the risk.
Upgrade Drupal Core to version 10.2.11 or later. Review third-party modules and custom code for potential vulnerabilities.
Currently, there are no reports of CVE-2024-55636 being actively exploited, but the potential for combined attacks remains a concern.
Refer to the official Drupal security advisory at https://www.drupal.org/security/advisories/cve-2024-55636 for detailed information.