The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs and those affecting open source projects with very small userbases aren’t listed.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2024-9474

• Severity: 6.9 MEDIUM
• Impacted Products: Palo Alto PAN-OS - various versions, see NIST link
• Description: A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
• Remediation: Follow developer guidance.
• More Info: NVD - CVE-2024-9474
• PoC: https://github.com/Chocapikk/CVE-2024-9474

CVE-2024-0012

• Severity: 9.3 CRITICAL
• Impacted Products: This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software.
• Description: An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . Cloud NGFW and Prisma Access are not impacted by this vulnerability.
• Remediation: Follow developer guidance.
• More Info: NVD - CVE-2024-0012
• PoC: https://github.com/Sachinart/CVE-2024-0012-POC/

CVE-2024-49039

• Severity: 8.8 HIGH
• Impacted Products: Windows - see the Microsoft Advisory
• Description: Windows Task Scheduler Elevation of Privilege Vulnerability.
• More Info: NVD - CVE-2024-49039
• PoC: https://github.com/je5442804/WPTaskScheduler_CVE-2024-49039/

CVE-2024-47575

• Severity: 9.8 CRITICAL
• Impacted Products: FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7
• Description: Vuln allows attacker to execute arbitrary code or commands via specially crafted requests.
• More Info: NVD - CVE-2024-47575
• PoC: https://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575/ and full blog post here.

CVE-2024-8068 & CVE-2024-8069

• Severity: 5.1 MEDIUM
• Impacted Products: Citrix Virtual Apps and Desktops
• Description: Vuln allows attacker to execute arbitrary code or commands via specially crafted requests.
• More Info: NVD - CVE-2024-8069
• PoC: https://raw.githubusercontent.com/watchtowrlabs/Citrix-Virtual-Apps-XEN-Exploit/refs/heads/main/exploit-citrix-xen.py

CVE-2024-9680

• Severity: 9.8 CRITICAL
• Impacted Products: Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0
• Description: An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines.
• Remediation: Follow developer guidance.
• More Info: NVD - CVE-2024-9680
• PoC: https://github.com/tdonaworth/Firefox-CVE-2024-9680/

CVE-2024-47533

• Severity: 9.8 CRITICAL
• Impacted Products: Cobbler version 3.0.0 and prior to versions 3.2.3 and 3.3.7.
• Description: Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability. utils.get_shared_secret() always returns -1, which allows anyone to connect to cobbler XML-RPC as user '' password -1 and make any changes. This gives anyone with network access to a cobbler server full control of the server. Versions 3.2.3 and 3.3.7 fix the issue.
• More Info: NVD - CVE-2024-47533
• PoC: https://github.com/cobbler/cobbler/security/advisories/GHSA-m26c-fcgh-cp6h

CVE-2024-1212

• Severity: 9.8 CRITICAL
• Impacted Products: Progress Loadmaster, various versions.
• Description: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
• More Info: NVD - CVE-2024-1212
• PoC: https://github.com/Chocapikk/CVE-2024-1212/

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.