"Whatsup Gold": Bypassing login possible due to critical vulnerabilities
Progress closes critical security gaps in its "Whatsup Gold" monitoring software with a software update.
(Image: created with AI in Bing Image Creator by heise online / dmk)
The network monitoring software "Whatsup Gold" from the manufacturer Progress has a number of security vulnerabilities. The developers even classify two of them as critical. The manufacturer is providing updated software that IT managers should install quickly.
Progress summarizes the vulnerabilities that the update to Whatsup Gold 2024.0.0 closes in a security notice. Progress has reserved CVE numbers for them, but the CVE entries have not yet been published. Two vulnerabilities allow unauthenticated attackers to obtain the encrypted passwords of user accounts through SQL injection (CVE-2024-6670, CVE-2024-6671, both CVSS 9.8, risk "critical"). The vulnerabilities were reported by the Zero Day Initiative (ZDI), which states in its advisory that attackers can use them to bypass the system's authentication and thus compromise it.
Another security vulnerability is highly risky
The update also closes another vulnerability, which allows malicious actors with low access rights to escalate their privileges in the system. This flaw is likewise based on SQL injection (CVE-2024-6672, CVSS 8.8, risk "high").
The developers at Progress write that they have not yet received any reports of the vulnerabilities being exploited. They are also not aware of the vulnerabilities having any impact on customers' operations. The company provides instructions that IT managers can use to carry out the update.
At the beginning of August, IT researchers from the Shadowserver Foundation observed that a vulnerability in Whatsup Gold was being exploited in the wild following the publication of a proof-of-concept exploit. Cybercriminals apparently see the software as a worthwhile target. Admins should therefore download and apply the update promptly.
(dmk)