CISA warns of attacks on Linux, Apache OFBiz, .NET and Paessler PRTG

The US cyber security authority CISA warns of observed attacks on vulnerabilities in Linux, Apache OFBiz, .NET and Paessler PRTG.


The US IT security authority CISA warns of recently observed attacks in the wild on vulnerabilities in Linux, Apache OFBiz, Microsoft's .NET Framework and Paessler PRTG. IT managers should therefore quickly check whether the latest security updates have been installed and install them if necessary.

On Thursday night, CISA issued a warning about a vulnerability in the Linux kernel that was exploited in an attack. The flaw is in the USB Video Class (UVC) driver: when processing video streams, frames of type "UVC_VS_UNDEFINED" were skipped and therefore not taken into account when calculating a buffer size, which could lead to out-of-bounds writes (CVE-2024-53104). The vulnerability became known at the beginning of last December, and kernel updates that close the hole have been available since then.
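
An added example (not from the article, and not the kernel's code): a simplified C model of the bug class described above, in which the pass that sizes a buffer and the pass that fills it must agree on which frames count. The two-byte descriptor layout and all names are constructed for illustration; the fill pass shown is the hardened form, applying the same filter as the sizing pass plus a bounds check.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Simplified model of a two-pass descriptor parser; NOT kernel code.
 * Constructed layout: each frame descriptor is 2 bytes, [subtype][payload]. */
enum { VS_UNDEFINED = 0x00, VS_FRAME = 0x05 };
struct frame { uint8_t subtype, payload; };

/* Pass 1 sizes the buffer and does not count undefined-type frames. */
size_t count_frames(const uint8_t *d, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        if (d[i] != VS_UNDEFINED)
            n++;
    return n;
}

/* Entries a fill pass WITHOUT that filter would try to store. */
size_t frames_unfiltered(size_t len) { return len / 2; }

/* Pass 2, hardened: same filter as pass 1, and never writes past cap.
 * Returns the number of frames stored, or -1 if the buffer is too small. */
long parse_frames(const uint8_t *d, size_t len, struct frame *out, size_t cap)
{
    size_t n = 0;
    for (size_t i = 0; i + 1 < len; i += 2) {
        if (d[i] == VS_UNDEFINED) continue;
        if (n >= cap) return -1;
        out[n].subtype = d[i];
        out[n].payload = d[i + 1];
        n++;
    }
    return (long)n;
}

/* Constructed sample: two regular frames around one undefined-type frame. */
static const uint8_t sample[] = { VS_FRAME, 0x11, VS_UNDEFINED, 0x22, VS_FRAME, 0x33 };

int demo(void)
{
    size_t cap = count_frames(sample, sizeof sample);   /* 2 slots allocated */
    struct frame *buf = calloc(cap, sizeof *buf);
    if (!buf) return -1;
    long stored = parse_frames(sample, sizeof sample, buf, cap);
    free(buf);
    return (int)stored;
}

int main(void) { return demo() == 2 ? 0 : 1; }
```

With the sample input, the sizing pass allocates two slots while an unfiltered fill pass would try to store three entries; that disagreement is what turns into a write past the end of the buffer.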

Shortly beforehand, CISA also warned of further attacks in the wild. Attackers are targeting vulnerabilities in Apache OFBiz (CVE-2024-45195, fix available since September 2024), in Microsoft's .NET Framework (CVE-2024-29059, fixes available since March 2024) and in Paessler PRTG (CVE-2018-9276, fixed in July 2018, and CVE-2018-19410, fixed in November 2018).

CISA does not provide any further details, such as what the attacks look like, how far-reaching they are, what impact they have or how attacked systems can be identified. However, software updates that close the holes are available for all of the vulnerabilities under attack. IT managers who use the affected products should check whether all instances are up to date and therefore secure.

Attacks on security vulnerabilities in widely used software remain a permanent problem. Admins and users are apparently not always able to keep up with installing available updates. For example, it recently became known that a security vulnerability in 7-Zip was attacked and abused to smuggle in and execute malicious code. The software does not have an integrated update mechanism and is also unable to inform users when updates are available.

(dmk)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.