CISA Warns of Active Exploitation of Vulnerability in TeamT5 Product by Hackers
Critical Vulnerability in ThreatSonar Anti-Ransomware Product Exploited by Hackers
A critical vulnerability in the ThreatSonar Anti-Ransomware product, developed by Taiwanese cybersecurity firm TeamT5, has been exploited by hackers, according to a warning issued by the US Cybersecurity and Infrastructure Security Agency (CISA). The flaw, identified as CVE-2024-7694, is a high-severity arbitrary file-upload issue that allows remote attackers with administrator privileges to upload malicious files, potentially leading to the execution of arbitrary system commands on the server.
Vulnerability Details
CISA has added CVE-2024-7694 to its Known Exploited Vulnerabilities (KEV) catalog, which highlights security vulnerabilities that pose a threat to US government organizations. The agency has instructed federal agencies to address the vulnerability by March 10. The fact that TeamT5’s products, including ThreatSonar Anti-Ransomware, are used by government agencies in the United States, Japan, and Taiwan, may have contributed to CISA’s decision to prioritize this vulnerability.
Patch and Advisory
The vulnerability was patched in August 2024, and an advisory published by Taiwan’s TWCERT/CC at the time of patching noted that exploitation requires administrator privileges on the product platform. This suggests that the flaw may have been chained with another vulnerability to achieve exploitation.
Potential Impact
While t
About Author
English