Jump to content

Search the Community

Showing results for tags 'flowmon'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


LinkedIn Profile URL


About Me


Cloud Platforms


Cloud Experience


Development Experience


Current Role


Skills


Certifications


Favourite Tools


Interests

Found 1 result

  1. Network monitoring and security solution Progress Flowmon was found to be carrying a maximum-severity vulnerability which could allow threat actors to escalate privileges and gain full access to the target endpoint. As reported by BleepigComputer, the performance tracking, diagnostics, and network detection and response tool was vulnerable to CVE-2024-2389, a flaw allowing attackers to gain unauthenticated access to the Flowmon web interface, where they can execute arbitrary system commands. To gain this access, the attackers would need to craft a custom API request. Thousands of victims A proof-of-concept (PoC) is already available, but the vulnerability is apparently not being abused in the wild just yet. Users are advised to apply the released patch immediately. Progress has since been alerted of the discovery, and released a patch. Flowmon versions 12.x and 11.x are all vulnerable. First patched versions are 12.3.5 and 11.1.14. Those with automatic updates enabled will have gotten the patch already. Those who opted for manual updates need to go to the vendor’s download center. After applying the patch, Progress recommends upgrading all Flowmon modules, too. While the vulnerability was discovered and reported by researchers from Rhino Security Labs, BleepingComputer reminds that Italy’s CSIRT also warned about it, roughly two weeks ago. Rhino Security Labs published the technical details and a demo on how to use the vulnerability, but a PoC was made available as early as April 10. At this time, there are conflicting reports on the number of Flowmon instances exposed on the public web, and thus vulnerable. Some search engines show about 500 exposed servers, while others see fewer than 100 instances. In any case, around 1,500 companies around the world use Flowmon, BleepingComputer added, including SEGA, KIA, TDK, Volkswagen, and others. So far, there is no evidence of abuse in the wild. More from TechRadar Pro How a piece of Brazilian malware became a global cybercrime exportHere's a list of the best firewalls around todayThese are the best endpoint security tools right now View the full article
  • Forum Statistics

    63.7k
    Total Topics
    61.7k
    Total Posts
×
×
  • Create New...