प्लेटफ़ॉर्म
windows
घटक
whatsup-gold
में ठीक किया गया
2023.1.3
CVE-2024-4883 describes a critical Remote Code Execution (RCE) vulnerability affecting WhatsUp Gold network monitoring software. This flaw allows an unauthenticated attacker to execute arbitrary code on the system with service account privileges. The vulnerability impacts versions 2023.1.0 through 2023.1.2, and a patch is available in version 2023.1.3.
The impact of CVE-2024-4883 is severe. Successful exploitation grants an attacker complete control over the affected WhatsUp Gold server. This includes the ability to install malware, steal sensitive data (network configurations, performance metrics, credentials stored within the system), and potentially pivot to other systems on the network. Given WhatsUp Gold's role in network monitoring, an attacker could gain a comprehensive view of the entire network infrastructure, facilitating further reconnaissance and attacks. The lack of authentication required for exploitation significantly broadens the attack surface, making it accessible to a wide range of threat actors.
CVE-2024-4883 was publicly disclosed on June 25, 2024. The vulnerability is considered highly exploitable due to the lack of authentication and the ease of triggering the RCE. Public proof-of-concept (PoC) code is likely to emerge, increasing the risk of widespread exploitation. The CVSS score of 9.8 indicates a critical severity, and the vulnerability is likely to be added to CISA KEV catalog soon.
Organizations heavily reliant on WhatsUp Gold for network monitoring are at significant risk. This includes businesses with extensive network infrastructure, those using WhatsUp Gold for compliance monitoring, and those with limited security resources who may be slower to apply patches. Shared hosting environments where WhatsUp Gold is deployed could also be vulnerable if multiple tenants share the same server.
• windows / supply-chain:
Get-Process -Name NmApi -ErrorAction SilentlyContinue | Select-Object -ExpandProperty Id• windows / supply-chain:
Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='WhatsUp Gold']]]" -MaxEvents 10• windows / supply-chain: Check Autoruns for suspicious entries related to NmApi.exe or WhatsUp Gold.
disclosure
एक्सप्लॉइट स्थिति
EPSS
92.24% (100% शतमक)
CISA SSVC
CVSS वेक्टर
The primary mitigation for CVE-2024-4883 is to immediately upgrade WhatsUp Gold to version 2023.1.3 or later. If upgrading is not immediately feasible, consider isolating the affected server from the network to prevent external access. While not a complete solution, implementing strict firewall rules to restrict access to NmApi.exe on port 4986 can reduce the attack surface. Monitor network traffic for suspicious connections to port 4986. After upgrading, confirm the vulnerability is resolved by attempting to trigger the vulnerability using the original exploit vector and verifying that the execution is blocked.
WhatsUp Gold को संस्करण 2023.1.3 या बाद के संस्करण में अपडेट करें। यह अपडेट रिमोट कोड एग्जीक्यूशन भेद्यता को ठीक करता है। Progress Software की आधिकारिक वेबसाइट से नवीनतम संस्करण डाउनलोड करें।
भेद्यता विश्लेषण और गंभीर अलर्ट सीधे आपके ईमेल में।
CVE-2024-4883 is a critical Remote Code Execution vulnerability in WhatsUp Gold versions 2023.1.0–2023.1.2, allowing unauthenticated attackers to execute code.
If you are running WhatsUp Gold versions 2023.1.0 through 2023.1.2, you are affected by this vulnerability. Upgrade immediately.
Upgrade to WhatsUp Gold version 2023.1.3 or later to remediate the vulnerability. If immediate upgrade is not possible, isolate the server and restrict access to NmApi.exe.
While active exploitation is not yet confirmed, the vulnerability's critical severity and ease of exploitation suggest it is likely to be targeted soon.
Refer to the official WhatsUp Gold security advisory for detailed information and mitigation steps: [https://www.whatsmsgold.com/security-advisories](https://www.whatsmsgold.com/security-advisories)
अपनी डिपेंडेंसी फ़ाइल अपलोड करें और तुरंत जानें कि यह CVE और अन्य आपको प्रभावित करती हैं या नहीं।