HCL BigFix Server Automation: Attackers can redirect traffic

The endpoint management platform HCL BigFix Server Automation is vulnerable. Attackers can exploit several security gaps.


Admins should check whether their HCL BigFix Server Automation installations are up to date. If they are not, attackers can attack systems.

In a warning message, the developers write that they have closed three vulnerabilities in version 9.5.70. If attackers successfully exploit the gaps, they can redirect traffic to websites they control (CVE-2024-26159, "high") or view access data without authorization (CVE-2024-28849, "medium").

So far, there is no information that attackers are already exploiting the vulnerabilities. However, admins should not wait too long and should install the security update quickly.

(des)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.