[[{“value”:”
A proof of Concept (PoC) has been published for a critical Remote Code Execution (RCE) vulnerability identified in Fortra’s FileCatalyst software.
This vulnerability, tracked as CVE-2024-25153, poses a severe threat to organizations using the FileCatalyst Workflow Web Portal. It potentially allows attackers to execute arbitrary code on affected systems.
Fortra FileCatalyst
Understanding CVE-2024-25153
The core of the vulnerability lies in a directory traversal flaw within the ‘ftpservlet’ component of the FileCatalyst Workflow Web Portal.
Document
Free Webinar : Mitigating Vulnerability & 0-day Threats
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.
:
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, that helps you to quantify risk accurately:
Exploiting this flaw, attackers can bypass intended security mechanisms to upload files outside the designated ‘uploadtemp’ directory through a specially crafted POST request.
Some strings were obfuscated, making the task of reverse engineering the application more challenging.
If an attacker successfully uploads a file to the web portal’s DocumentRoot, they could leverage specially crafted JSP files to execute arbitrary code on the server, including deploying web shells for persistent access and control.
The vulnerability has been assigned a CVSSv3.1 score of 9.8, categorizing it as critical due to its potential impact on confidentiality, integrity, and availability.
Fortran has addressed this vulnerability by releasing an update for FileCatalyst Workflow. Users are urged to upgrade to version 5.1.6 Build 114 or higher to mitigate the risk associated with CVE-2024-25153.Update Notification
Implications and Recommendations
The publication of a PoC for CVE-2024-25153 underscores the importance of timely patch management and vulnerability assessment within organizations.
Given this vulnerability’s critical nature, Fortra FileCatalyst Workflow users must apply the provided updates without delay.
Additionally, organizations should consider conducting a thorough security review of their web applications and implementing layered security measures to defend against similar threats.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
The post PoC Published for Critical RCE Vulnerability in Fortra FileCatalyst appeared first on Cyber Security News.
“}]] Read More
Cyber Security News
