Cybersecurity Chaos: NAKIVO Flaw Spells Trouble Amid Exploit Frenzy
CISA adds a high-severity flaw in NAKIVO Backup & Replication software to its KEV catalog. The vulnerability CVE-2024-48248 lets attackers read sensitive files, like “/etc/shadow.” With a CVSS score of 8.6, it’s the cyber equivalent of leaving your diary open at a hacker convention. Patch up before it’s too late!

Hot Take:
Looks like hackers are turning into digital librarians, checking out sensitive files faster than you can say “unauthenticated path traversal”! Watch out, NAKIVO users, or you might find your precious backups checked out and overdue!
Key Points:
- CISA has flagged a high-severity vulnerability in NAKIVO Backup & Replication software.
- The flaw, CVE-2024-48248, lets unauthenticated attackers read arbitrary files on the host; it affects versions before 10.11.3.86570.
- A proof-of-concept exploit was published, and a patch is available in version v11.0.0.88174.
- Two more vulnerabilities in IP cameras and SAP NetWeaver are also added to the KEV catalog.
- FCEB agencies are required to mitigate these vulnerabilities by April 9, 2025.
Path to Trouble: NAKIVO’s Vulnerability
In a world where your digital files are more coveted than a secret family recipe, CISA is here to remind us that no software is too sacred for hackers. The agency has added a high-severity vulnerability in NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog. This latest addition, CVE-2024-48248, comes with a CVSS score of 8.6, which is just a fancy way of saying it could really mess up your day. The vulnerability allows unauthenticated attackers to read arbitrary files on your system, including the juicy ones like “/etc/shadow,” through the endpoint “/c/router.” Essentially, it’s like leaving your diary open on the lunch table for everyone to read.
Who Needs a Library Card?
For those still using versions of NAKIVO before 10.11.3.86570, it’s time to update faster than you can say “path traversal.” The vulnerability lets attackers read sensitive data that can serve as an on-ramp for further attacks. If this doesn’t already make you want to press that update button, consider this: the same file read could be used to pull stored credentials out of the database “product01.h2.db.” It’s like giving away your house keys to a stranger and then being surprised when they use your hot tub.
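For defenders combing through web-server access logs after this KEV addition, here is an added example (my code, not NAKIVO’s or the article’s) that flags path-traversal attempts aimed at the “/c/router” endpoint, including percent-encoded and double-encoded variants. The log lines are constructed, and the “f” query parameter and request shape are assumptions, since the page does not describe the actual request.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not from the page). The "f" parameter is a
# placeholder: the page only names the endpoint, not the request layout.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Mar/2025:12:00:01 +0000] "GET /c/router?f=report.txt HTTP/1.1" 200 512
10.0.0.9 - - [10/Mar/2025:12:00:02 +0000] "GET /c/router?f=../../../../etc/shadow HTTP/1.1" 200 1188
10.0.0.9 - - [10/Mar/2025:12:00:03 +0000] "GET /c/router?f=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 2000
10.0.0.9 - - [10/Mar/2025:12:00:04 +0000] "GET /c/router?f=%252e%252e%252fproduct01.h2.db HTTP/1.1" 404 0
10.0.0.7 - - [10/Mar/2025:12:00:05 +0000] "GET /static/logo.png HTTP/1.1" 200 3000
"""

# Common Log Format: client, identd, user, [timestamp], "request", status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)$'
)

# Files the article names as targets of the arbitrary file read.
SENSITIVE = ("/etc/shadow", "/etc/passwd", "product01.h2.db")


def fully_decode(s: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded sequences (%252e) are unwrapped."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def has_traversal(target: str) -> bool:
    """True if the decoded request target contains dot-dot segments or a sensitive file name."""
    decoded = fully_decode(target).replace("\\", "/")
    if "../" in decoded or "/.." in decoded:
        return True
    return any(name in decoded.lower() for name in SENSITIVE)


def find_traversal_attempts(log_text: str, endpoint: str = "/c/router") -> list:
    """Return one record per request to `endpoint` that looks like a traversal attempt.
    The HTTP status is kept so analysts can separate successful reads (200) from misses."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not fully_decode(m.group("target")).startswith(endpoint):
            continue
        if has_traversal(m.group("target")):
            hits.append({"ip": m.group("ip"), "target": m.group("target"),
                         "status": int(m.group("status"))})
    return hits
```

A 200 on a flagged line means the server most likely served the file, so those hosts belong at the top of the triage list.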
Not Just NAKIVO: More Trouble in the KEV Playground
NAKIVO isn’t the only one having a bad hair day in the cybersecurity world. The KEV catalog also welcomes two other vulnerabilities: CVE-2025-1316, an OS command injection flaw found in Edimax IC-7100 IP cameras, and CVE-2017-12637, a directory traversal vulnerability in SAP NetWeaver Application Server. The former is a ticking time bomb with a CVSS score of 9.3 and no patch in sight, thanks to the device reaching end-of-life. It’s like finding out your toaster is part of a botnet army and there’s no warranty left.
Lights, Camera, Exploitation!
Speaking of cameras, Akamai has reported that the vulnerability in Edimax IP cameras is already being exploited in the wild. Hackers with an affinity for default credentials are using this flaw to deploy Mirai botnet variants, making sure your IP camera has a more active social life than you do. Since May 2024, these cameras have been unwitting stars in the cybersecurity horror show, and it’s up to Federal Civilian Executive Branch (FCEB) agencies to bring down the curtain by applying the necessary mitigations by April 9, 2025.