CISA has recently added a critical security vulnerability affecting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild.
This addition underscores the urgent need for organizations to address this vulnerability promptly to mitigate potential security risks.
The vulnerability tracked as CVE-2024-9537 has been assigned a CVSS v4 score of 9.3, indicating its critical severity.
It affects ScienceLogic SL1 (formerly known as EM7) and involves an unspecified third-party component packaged with the software.
Join ANY.RUN's FREE webinar on How to Improve Threat Investigations on Oct 23 - Register Here
The exact nature of the vulnerability has not been disclosed, but it could potentially lead to remote code execution
Affected Versions and Fixes
ScienceLogic has addressed the vulnerability in the following versions:
- 12.1.3 and later
- 12.2.3 and later
- 12.3 and later
Additionally, remediations have been made available for older versions, including 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x. The vulnerability has been reportedly exploited as a zero-day attack.
Cloud hosting provider Rackspace acknowledged an issue with their ScienceLogic EM7 Portal, which resulted in unauthorized access to three internal Rackspace monitoring web servers.
This incident highlights the real-world impact of the vulnerability and the urgency of applying the necessary patches.
By adding CVE-2024-9537 to the KEV catalog, CISA aims to alert organizations about the critical nature of this vulnerability and the need for immediate action.
Federal Civilian Executive Branch (FCEB) agencies must apply the fixes by November 11, 2024, to protect their networks against potential threats.
Including this vulnerability in the KEV catalog signifies its high risk to organizations. CISA strongly recommends that private businesses, industry, and state, local, tribal, and territorial (SLTT) governments prioritize mitigating vulnerabilities listed in the catalog.
Adding the ScienceLogic SL1 vulnerability to CISA’s KEV catalog is a crucial reminder of the ongoing threats organizations face.
By promptly addressing this vulnerability and staying vigilant about emerging security risks, organizations can significantly enhance their cybersecurity posture and protect their critical assets from potential exploitation.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide (PDF)