A critical security vulnerability has been identified in Bitdefender’s GravityZone Update Server, potentially exposing organizations to server-side request forgery (SSRF) attacks. The flaw, designated CVE-2024-6980, has been assigned a high severity rating with a CVSS score of 9.2 out of 10, underscoring the significant impact on affected systems. This vulnerability stems from a verbose error-handling issue in the proxy service implemented within the GravityZone Update Server. As a result, an attacker could initiate SSRF attacks, posing severe risks to the security and integrity of targeted systems.
The vulnerability specifically impacts GravityZone Console versions before 6.38.1-5 running on-premises. Exploiting this flaw, attackers could potentially access sensitive internal resources, bypass established security controls, manipulate server operations, and gather confidential information. The high CVSS score reflects the critical nature of this vulnerability and the potential for substantial damage if it remains unaddressed.
In response to this pressing security concern, Bitdefender has acted swiftly by releasing an automatic update to product version 6.38.1-5, which addresses the identified flaw. Organizations using the affected versions of the GravityZone Update Server are strongly advised to update their systems to the latest version without delay to mitigate the risks associated with this vulnerability. Bitdefender’s proactive measures demonstrate their commitment to maintaining robust security for their users.
Credit for discovering this vulnerability goes to Nicolas VERDIER, also known as n1nj4sec, who followed responsible disclosure practices, allowing Bitdefender to develop and release a patch before the vulnerability was made public. To ensure comprehensive protection, users are recommended to verify their GravityZone Console versions, enable automatic updates, conduct thorough security assessments of potentially exposed systems, and monitor for any suspicious activities indicative of exploitation attempts. Staying vigilant and updated is crucial to safeguarding against potential threats posed by this significant vulnerability.
Reference:
