Cyble Research & Intelligence Labs (CRIL) Top Vulnerabilities Report

Cyble Research & Intelligence Labs (CRIL) researchers have identified six critical vulnerabilities that security teams need to prioritize this week. These vulnerabilities include flaws in ServiceNow, Acronis, VMware, Microsoft Outlook, Progress Telerik, and Docker Engine.

One of the highlighted vulnerabilities is CVE-2024-37085, affecting VMware ESXi, an enterprise-class hypervisor. This high-severity authentication bypass vulnerability is actively being exploited by ransomware groups, allowing attackers to gain full access to ESXi hosts and potentially encrypting the hypervisor’s file system, causing business disruptions.

Another critical vulnerability is CVE-2017-11774, impacting Microsoft Outlook and allowing attackers to execute arbitrary commands. Researchers have developed a new post-exploitation framework named “Specula,” which can turn Outlook into a command and control beacon for remote code execution, making it easier for attackers to evade detection.

Other vulnerabilities include CVE-2024-4879 affecting ServiceNow, CVE-2024-6327 impacting Progress Telerik Report Server, CVE-2024-41110 targeting Docker Engine, and CVE-2023-45249 affecting Acronis Cyber Infrastructure. These vulnerabilities range from input validation issues to remote command execution flaws, posing significant risks to organizations.

In addition to these vulnerabilities, Cyble researchers also analyzed dark web exploits, industrial control system vulnerabilities, and web asset exposures in their weekly report. With the increasing sophistication of cyber threats, it is crucial for security teams to prioritize patching these vulnerabilities to protect their organizations from potential attacks.