Reading time: 2 minutes.
Flowmon, a crucial network performance monitoring solution, is under attack due to a high-severity vulnerability. The platform, used by more than 1,500 global companies, including SEGA, KIA and Volkswagen, has been hit by a public exploit that puts the security of corporate networks at risk. The security issue, designated CVE-2024-2389, received the maximum severity score of 10 out of 10.
Depth of Vulnerability
The bug in question allows attackers to gain unauthenticated remote access to the Flowmon web interface and execute arbitrary system commands. This access is achieved through a specifically crafted API request, exploiting security gaps in the software. The ease with which this vulnerability can be exploited makes it particularly dangerous, and was demonstrated by a proof-of-concept exploit released by Rhino Security Labs.
Response and updates from Progress Software
Progress Software, the developer of Flowmon, quickly responded with a critical update, urging all users to immediately install the new software versions, v12.3.5 and v11.1.14, to mitigate the risk. Updates were made available through automatic download of packages or manually through the download center.
Importance of the Update and Security Measures
It is vital that all organizations using Flowmon verify their software versions and apply updates without delay. In addition to automatic updates, regular review of security settings is recommended to prevent future vulnerabilities. The focus on security must be maximum, given the ease with which attacks can be conducted via existing exploits.
Long-Term Implications for Flowmon Users
Organizations must recognize the growing sophistication of cyber attacks and the importance of maintaining up-to-date and secure systems. Proactively managing threats and understanding their potential vulnerability they become essential components of cybersecurity in an increasingly interconnected world.
