Security News > 2024 > August > Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)

Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed VersaMem by the researchers. The malware harvests credentials enabling the attackers to access the providers’ downstream customers’ networks as an authenticated user. “Based on known and observed tactics and techniques, [Lumen’s] Black Lotus Labs attributes the zero-day exploitation of CVE-2024-39717 and operational use of the VersaMem web shell with moderate confidence … More → The post Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/08/27/cve-2024-39717-exploited/
Related news
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406) (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-22 | CVE-2024-39717 | Unrestricted Upload of File with Dangerous Type vulnerability in Versa-Networks Versa Director The Versa Director GUI provides an option to customize the look and feel of the user interface. | 7.2 |