Overview
JetBrains has released a critical security advisory to address two vulnerabilities (CVE-2024-27198 and CVE-2024-27199) that are currently being exploited by cyber-attackers. Respectively, these vulnerabilities can allow an attacker to execute code remotely and perform system modifications and effect data disclosure.
SolarWinds has addressed a number of vulnerabilities in Security Event Manager (SEM) that includes a fix for critical vulnerability CVE-2024-0692, which could allow remote-code execution. Four third-party type vulnerabilities are covered in the SEM 2023.4.1 release notes.
Microsoft has reported a Windows Kernel Elevation of Privilege vulnerability. This is where it contains an exposed IOCTL (input/output control) with insufficient access control vulnerability within the IOCTL dispatcher that could allow an attacker to achieve privilege escalation.
VMware have released a security advisory addressing multiple vulnerabilities found in ESXI, Workstation, Fusion and Cloud Foundation. CVE-2024-22252 and CVE-2024-22253 are both classed as critical, with base scores of 9.3, allowing for remote code execution in virtual machines with privilege access, and a use-after-free vulnerability, respectively. There are two high-severity vulnerabilities: CVE—2024-22254 which is an out-of-bounds write vulnerability, and CVE-2024-22255 which is an information disclosure vulnerability.
Recommended Action
Organisations are encouraged to review the appropriate security advisory pages and apply the updates:
JetBrains – The TeamCity Blog
SolarWinds – CVE-2024-0692 and SEM 2023.4.1 Release Notes
Microsoft – Update Guide
VMware – Security Advisory
If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.