Posts by Versa Security Research Team

Versa Security Bulletin:  Update on CVE-2024-39717 – Versa Director Dangerous File Type Upload Vulnerability 

Versa Security Research Team
By Versa Security Research Team

August 26, 2024

A medium-severity vulnerability was discovered in Versa Director (CVE-2024-39717), and a patch has been released. Impacted customers failed to implement system hardening and firewall guidelines, leaving a management port exposed on the internet.

Versa Security Bulletin: Palo Alto Networks PAN-OS GlobalProtect Zero-Day Vulnerability under Active Exploitation

Versa Security Research Team
By Versa Security Research Team

April 19, 2024

CVEs: CVE-2024-3400; Summary Recently Palo Alto Networks announced a critical vulnerability in their PAN-OS software used in their GlobalProtect VPN Gateway, which is a feature in the PAN-OS Firewall. The discovery and public disclosure of the vulnerability and fixes timeline is currently as follows:  Volexity first discovered the PAN-OS attack on April 10, 2024 at one of its network security monitoring (NSM) customers, and on April 11, 2024 subsequently learnt that another NSM customer was compromised by the same threat actor.   Palo Alto Networks was then notified by Volexity that a zero-day vulnerability in its GlobalProtect Gateway was under active…

Versa Security Bulletin: ConnectWise ScreenConnect Authentication Bypass and Path-Traversal Vulnerabilities

Versa Security Research Team
By Versa Security Research Team

March 8, 2024

CVEs: CVE-2024-1708; CVE-2024-1709 Summary On Feb. 13, 2024, ConnectWise was notified of two vulnerabilities in their remote access tool ScreenConnect. On Feb. 19, 2024, ConnectWise publicly disclosed two new high severity and critical vulnerabilities patched in its remote access tool ScreenConnect Version 23.9.8, with the following CVEs: CVE-2024-1708 Path-Traversal vulnerability (CWE-22) and CVE-2024-1709 Authentication Bypass vulnerability (CWE-288). These vulnerabilities can be exploited to deliver Remote Access Trojans (RATs), Ransomware, Cryptocurrency miners, Stealer malware and many others. CVE Description CVSSv3 Severity CVE-2024- 1709 (CWE-288) Authentication Bypass Using Alternate Path or Channel 10.0 Critical CVE-2024- 1708 (CWE-22) Improper Limitation of a Pathname to…

Versa Security Bulletin: Volt Typhoon Exploitation of N-Day and Zero-Day Vulnerabilities

Versa Security Research Team
By Versa Security Research Team

February 28, 2024

Summary This security bulletin focuses on understanding the sophisticated exploitation of critical n-day and zero-day vulnerabilities in VPN and other network devices by state-sponsored threat actors, reinforcing the urgency for organizations to prioritize patching vulnerabilities in appliances known to be targeted. The recent exploitation of the critical FortiOS vulnerability followed a disclosure by CISA and other federal agencies revealing that China-linked threat group Volt Typhoon has been known to exploit network appliances from several vendors including Fortinet. Fortinet released a blog post to coincide with the U.S. agencies’ advisory, which pointed to “the need for organizations to have a robust…

Versa Security Bulletin: Multiple Vulnerabilities Affecting Ivanti Connect Secure and Ivanti Policy Secure

Versa Security Research Team
By Versa Security Research Team

February 7, 2024

CVEs: CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, CVE-2024-21893 Summary Recently, Ivanti Connect Secure appliances have faced active exploitation through a series of linked vulnerabilities of high or critical severity. On January 10, 2024, Ivanti disclosed two new vulnerabilities in its Ivanti Connect Secure and Ivanti Policy Secure gateways: CVE-2023-46805 (high severity authentication bypass vulnerability) and CVE-2024-21887 (critical severity command injection vulnerability).

Versa Security Bulletin: Okta Customer Support Security Incident

Versa Security Research Team
By Versa Security Research Team

December 5, 2023

On October 20, 2023, Okta disclosed a security incident affecting their customer support management system. In a note following that disclosure Okta said that from September 28, 2023, to October 17, 2023, a threat actor gained unauthorized access to files inside Okta’s customer support system associated with 134 Okta customers, or less than 1% of Okta customers.

Topics





Recent Posts








Top Tags


Gartner Research Report

2023 Gartner® Critical Capabilities for SD-WAN

Versa Networks has been positioned in the highest ranked three vendors for all five Use Cases in the 2023 Gartner® Critical Capabilities for SD-WAN Report.