Security News > 2024 > August > Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)
Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed VersaMem by the researchers. The malware harvests credentials enabling the attackers to access the providers’ downstream customers’ networks as an authenticated user. “Based on known and observed tactics and techniques, [Lumen’s] Black Lotus Labs attributes the zero-day exploitation of CVE-2024-39717 and operational use of the VersaMem web shell with moderate confidence … More → The post Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/08/27/cve-2024-39717-exploited/
Related news
- Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) (source)
- Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) (source)
- VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085) (source)
- China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates (source)
- Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008) (source)
- StormBamboo Compromises ISP, Spreads Malware (source)
- New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-22 | CVE-2024-39717 | Unrestricted Upload of File with Dangerous Type vulnerability in Versa-Networks Versa Director The Versa Director GUI provides an option to customize the look and feel of the user interface. | 7.2 |