Proof-of-concept exploit code has been released for a critical vulnerability in Progress Flowmon, a network performance monitoring tool. The flaw is a command injection bug, and with a public PoC it is now straightforward to exploit.
The bug is tracked as CVE-2024-2389 and affects Flowmon versions before 11.1.14 and 12.3.5. It allows an unauthenticated attacker to gain access to the system through the Flowmon interface and execute arbitrary commands on the underlying host. The bug carries a CVSS score of 10.0 (Critical) and is classified as CWE-78 (OS command injection).
The vulnerability was confirmed earlier this week by Progress Kemp Technologies, the maker of Flowmon, which released fixes in versions 11.1.14 and 12.3.5 and urged administrators to apply them.
A proof-of-concept has now been published by security company Rhino Security Labs, describing in detail how the vulnerability can be exploited in practice. Flowmon is widely used in large organisations to monitor and optimize network stability. It is not known how many Flowmon instances are reachable from the internet; since the bug needs no authentication, any exposed management interface running an unpatched version should be treated as at risk until it is updated.
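As an added example (not code from the article, from Progress, or from Rhino Security Labs), the following Python script triages an inventory of Flowmon hosts against the fixed versions named above. It assumes that 11.1.14 and 12.3.5 are the only fixed releases on their respective lines, so any build older than 11.1.14, or any 12.x build older than 12.3.5, is flagged as vulnerable; the hostnames and version strings in the sample inventory are constructed for illustration.

```python
# Added example: flag Flowmon versions inside the affected ranges of CVE-2024-2389.
# Assumption (not stated by the article): the only fixed builds are 11.1.14 on the
# 11.x line and 12.3.5 on the 12.x line.
import re

FIXED_11 = (11, 1, 14)   # first fixed build on the 11.x line
FIXED_12 = (12, 3, 5)    # first fixed build on the 12.x line


def parse_version(text):
    """Extract an (x, y, z) int tuple from strings like '12.3.4' or 'Flowmon 11.1.13-2'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def is_vulnerable(version):
    """Return True if the version falls in an affected range for CVE-2024-2389."""
    v = parse_version(version) if isinstance(version, str) else tuple(version)
    if v < FIXED_11:
        return True                      # anything older than 11.1.14, including 10.x and earlier
    if (12, 0, 0) <= v < FIXED_12:
        return True                      # 12.x builds before 12.3.5
    return False                         # 11.1.14+ on 11.x, 12.3.5+ on 12.x, or newer lines


def triage(inventory):
    """Map each host in {host: version_string} to 'VULNERABLE' or 'patched'."""
    return {
        host: ("VULNERABLE" if is_vulnerable(ver) else "patched")
        for host, ver in inventory.items()
    }


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = {
    "flowmon-dc1.example.internal": "Flowmon 11.1.13",
    "flowmon-dc2.example.internal": "11.1.14",
    "flowmon-lab.example.internal": "12.3.4-1",
    "flowmon-hq.example.internal": "12.3.5",
}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(f"{host:32} {verdict}")
```

Feed the script the version strings reported by your own Flowmon appliances; a hypothetical 11.x build at or above 11.1.14 is reported as patched even though it is numerically lower than every 12.x build, which is why the check branches on the release line rather than doing a single comparison.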