Authentication Bypass Using an Alternate Path or Channel (CWE-288)
The WatchTowerHQ plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.6. This vulnerability is due to the 'watchtower_ota_token' default value being empty, and the absence of a not-empty check in the 'Password_Less_Access::login' function. As a result, unauthenticated attackers can log in to the WatchTowerHQ client administrator user.
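The failure mode described above is a token comparison that succeeds when the stored token was never initialised. The following PHP is an added illustration written for this page; it is not the WatchTowerHQ plugin's code and makes no claim about how that plugin is implemented. All function and variable names (`vulnerable_token_check`, `hardened_token_check`, `issue_token`) are hypothetical, and the sample values are constructed.

```php
<?php
// Added illustration, not the plugin's code. In a real WordPress plugin the
// stored value would come from get_option() and be written with update_option();
// plain strings are used here so the file runs stand-alone.

// Vulnerable pattern (hypothetical): the stored token defaults to '' and the
// handler only checks equality. An empty or absent request token therefore
// matches an unset stored token and the password-less login succeeds.
function vulnerable_token_check(string $stored, string $supplied): bool
{
    return $stored === $supplied; // '' === '' evaluates to true
}

// Hardened pattern (hypothetical): refuse the login outright when either side
// is empty or the stored token is too short to have been generated properly,
// then compare in constant time with hash_equals().
function hardened_token_check(string $stored, string $supplied): bool
{
    if ($stored === '' || $supplied === '') {
        return false;            // unset/empty token never grants access
    }
    if (strlen($stored) < 32) {
        return false;            // reject tokens shorter than a real secret
    }
    return hash_equals($stored, $supplied);
}

// Token issuance (hypothetical): generate a random secret at activation so the
// stored value is never the empty default. 32 random bytes -> 64 hex chars.
function issue_token(): string
{
    return bin2hex(random_bytes(32));
}

// Constructed cases: [stored token, supplied token, description]
$realToken = issue_token();
$cases = [
    ['',         '',         'unset stored token, empty request'],
    ['',         'guess',    'unset stored token, arbitrary request'],
    [$realToken, '',         'real stored token, empty request'],
    [$realToken, $realToken, 'real stored token, matching request'],
];

foreach ($cases as [$stored, $supplied, $label]) {
    printf(
        "%-42s vulnerable=%s hardened=%s\n",
        $label,
        vulnerable_token_check($stored, $supplied) ? 'LOGIN' : 'deny',
        hardened_token_check($stored, $supplied) ? 'LOGIN' : 'deny'
    );
}
```

Run with `php token_check.php`. The first row is the case the advisory describes: the vulnerable check grants the login when both sides are empty, while the hardened check denies every row except the one where a properly issued token is presented.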
This vulnerability allows unauthenticated attackers to gain unauthorized access to the WatchTowerHQ client administrator user account. Given the high confidentiality, integrity, and availability impacts, attackers could potentially view, modify, or delete sensitive information, make unauthorized changes to the WordPress site, and disrupt normal operations. The ability to bypass authentication and directly access administrator-level privileges presents a severe risk to the overall security of the affected WordPress installations.
There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation at the moment.
The provided information does not explicitly mention a patch. However, since the vulnerability affects versions up to and including 3.9.6 of the WatchTowerHQ plugin, a release newer than 3.9.6 would be expected to include a fix. Users should check for and apply the latest version of the WatchTowerHQ plugin as soon as it becomes available.
1. Update the WatchTowerHQ plugin to a version newer than 3.9.6 as soon as a patched version is available.
2. In the meantime, consider temporarily disabling the WatchTowerHQ plugin if it is not critical for operations.
3. Implement additional access controls and monitoring for the WordPress admin area.
4. Regularly audit user accounts and access logs for any suspicious activity.
5. Implement network segmentation to limit the potential impact if exploitation occurs.
6. Use a Web Application Firewall (WAF) to help detect and block potential exploit attempts.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Feedly found the first article mentioning CVE-2024-9933.
Feedly estimated the CVSS score as HIGH
Feedly estimated the CVSS score as MEDIUM
NVD published the first details for CVE-2024-9933
A CVSS base score of 9.8 has been assigned.
Feedly estimated the CVSS score as HIGH
CVE-2024-9933 is a critical authentication bypass vulnerability in the WatchTowerHQ plugin for WordPress, affecting versions up to 3.9.6, with a CVSS score of 9.8. Currently, there is no evidence of exploitation in the wild or public proof-of-concept exploits, but unauthenticated attackers can gain unauthorized access to the administrator account, posing severe risks to site security. Mitigations include updating to a version newer than 3.9.6, temporarily disabling the plugin, and implementing additional access controls and monitoring.
EPSS Score was set to: 0.04% (Percentile: 9.8%)