Chinese Hackers Exploit Versa Director Flaw: What You Need to Know

Volt Typhoon, a Chinese state-backed hacking group, exploited a zero-day flaw in Versa Director to deploy a custom webshell, stealing credentials and breaching corporate networks. The vulnerability, CVE-2024-39717, was found in a feature for uploading custom icons, allowing malicious Java files disguised as PNG images to execute remotely.

Hot Take:

Who knew that a simple icon upload could become a high-stakes game of cat and mouse? Someone get these cybercriminals an art class because their PNGs are wreaking havoc!

Key Points:

  • Chinese hacking group Volt Typhoon exploited a zero-day flaw in Versa Director.
  • The flaw (CVE-2024-39717) allowed malicious Java files to be uploaded as PNG images.
  • Black Lotus Labs discovered the vulnerability and traced it back to SOHO routers.
  • Five organizations in the US and one in India were impacted.
  • Upgrading to Versa Director version 22.1.4 fixes the vulnerability.
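
A defender-side check for the condition described above, files carrying a .png name whose content is not a PNG. This is an added example, not code from Versa or Black Lotus Labs; the function names are hypothetical and the directory to audit is supplied by the operator, since the page names no path. It goes slightly beyond the reported case by also flagging valid PNGs with data appended after the final chunk.

```python
import struct
import sys
import zlib
from pathlib import Path

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Signatures of Java-executable content that should never sit behind a .png name
JAVA_MAGICS = {b"PK\x03\x04": "zip/jar archive", b"\xca\xfe\xba\xbe": "java class file"}


def classify_icon(data: bytes) -> str:
    """Return 'png' for a structurally valid PNG, otherwise a reason string."""
    for magic, label in JAVA_MAGICS.items():
        if data.startswith(magic):
            return label
    if not data.startswith(PNG_SIG):
        return "not a png"
    pos, first = len(PNG_SIG), True
    while pos + 12 <= len(data):  # each chunk: 4B length, 4B type, body, 4B CRC
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):
            return "truncated chunk"
        body = data[pos + 8:end - 4]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if zlib.crc32(ctype + body) != crc:
            return "bad chunk crc"
        if first and ctype != b"IHDR":
            return "missing IHDR"
        first, pos = False, end
        if ctype == b"IEND":
            # Anything after IEND is ignored by image viewers but may be a payload
            return "png" if pos == len(data) else "trailing data after IEND"
    return "no IEND chunk"


def audit_directory(root: str) -> list[tuple[str, str]]:
    """List (path, reason) for every .png/.PNG file under root that is not a clean PNG."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() == ".png":
            verdict = classify_icon(path.read_bytes())
            if verdict != "png":
                findings.append((str(path), verdict))
    return findings


if __name__ == "__main__":
    for path, reason in audit_directory(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"SUSPICIOUS {path}: {reason}")
```

Run it against the directory where uploaded icons are stored; any finding warrants review of the file and of who uploaded it.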

The Nimble Nerd