Inclusion of Functionality from Untrusted Control Sphere (CWE-829)
ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.
This vulnerability is rated critical, with a CVSS v3.1 base score of 9.8 and a CVSS v4.0 base score of 9.3. It can be exploited over the network without user interaction or privileges, and it has a high impact on the confidentiality, integrity, and availability of affected systems. Given the network attack vector and low attack complexity, it could lead to unauthorized access, data breaches, and system compromise.
There is no evidence that a public proof-of-concept exists. The vulnerability is actively being exploited in the wild and was added to the CISA Known Exploited Vulnerability list. Its exploitation has been reported by various sources, including cisa.gov.
Patches are available: SL1 versions 12.1.3+, 12.2.3+, and 12.3+ address the vulnerability, and remediations have been provided for all supported SL1 versions back to the 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x lines.
To mitigate this vulnerability, upgrade ScienceLogic SL1 to the latest patched release for your current version line. For version 12.x, upgrade to at least 12.1.3, 12.2.3, or 12.3. For older versions (10.x and 11.x), apply the remediations provided by ScienceLogic. Given the critical severity and network-based attack vector, prioritize this patching effort. If immediate patching is not possible, restrict network access to the affected systems through segmentation and monitor them for suspicious activity.
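As an added example (not ScienceLogic's or Feedly's code), a triage helper that classifies installed SL1 versions from an asset inventory against the fixed releases named above. It assumes dotted-integer version strings, treats 12.3 and anything later as fixed, and cannot tell remediated from unremediated 10.x/11.x installs because the advisory gives no version threshold for those lines.

```python
from typing import Dict, Iterable, Tuple

# Minimum fixed release per 12.x line, from the advisory ("12.1.3+", "12.2.3+").
# "12.3+" is handled as "minor >= 3" in sl1_status().
FIXED_12X = {(12, 1): (12, 1, 3), (12, 2): (12, 2, 3)}
# Older lines for which the vendor published remediations; no threshold is given on the page.
REMEDIATED_LINES = {(10, 1), (10, 2), (11, 1), (11, 2), (11, 3)}


def parse_version(version: str) -> Tuple[int, ...]:
    """Parse 'a.b[.c...]' into a tuple of ints; reject anything else rather than guess."""
    parts = version.strip().split(".")
    if len(parts) < 2 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable SL1 version: {version!r}")
    return tuple(int(p) for p in parts)


def sl1_status(version: str) -> str:
    """Classify one SL1 version for CVE-2024-9537.
    'patched'   : at or above the fixed release for its line
    'upgrade'   : 12.x below the fixed release, or a 12.x line with no fix named (12.0.x)
    'remediate' : 10.x/11.x line with a vendor remediation (apply and verify manually)
    'review'    : line not mentioned in the advisory; treat as unverified
    """
    v = parse_version(version)
    major, minor = v[0], v[1]
    if major > 12 or (major == 12 and minor >= 3):
        return "patched"  # assumption: 12.3+ and later majors carry the fix
    if major == 12:
        fixed = FIXED_12X.get((12, minor))
        return "patched" if fixed is not None and v >= fixed else "upgrade"
    if (major, minor) in REMEDIATED_LINES:
        return "remediate"
    return "review"


def triage(inventory: Iterable[Tuple[str, str]]) -> Dict[str, str]:
    """Map host -> status; hosts with unparseable versions are flagged for review."""
    result: Dict[str, str] = {}
    for host, version in inventory:
        try:
            result[host] = sl1_status(version)
        except ValueError:
            result[host] = "review"
    return result


if __name__ == "__main__":
    # Constructed sample inventory; host names and versions are made up.
    sample = [("sl1-a", "12.1.2"), ("sl1-b", "12.2.3.1"), ("sl1-c", "12.3.0"),
              ("sl1-d", "11.2.5"), ("sl1-e", "12.0.1"), ("sl1-f", "n/a")]
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```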
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
NVD published the first details for CVE-2024-9537
A CVSS base score of 9.8 has been assigned.
Feedly found the first article mentioning CVE-2024-9537.
Feedly estimated the CVSS score as MEDIUM
Feedly estimated the CVSS score as HIGH
EPSS score was set to 0.04% (percentile: 13.9%).
Attacks in the wild have been reported by the CISA Known Exploited Vulnerabilities catalog.
This CVE started to trend in security discussions