overview

A critical vulnerability, CVE-2024-2389, affecting Progress Software’s Flowmon, the network monitoring and security solution, has been discovered. CVE-2024-2389 is an unauthenticated OS command injection flaw in Flowmon versions 11.x and 12.x.  

CVE-2024-2389 allows remote attackers to exploit the web interface and execute arbitrary system commands, potentially leading to severe security breaches. According to Progress Software, the vulnerability has been addressed through patches released earlier this month. Over 1,500 organizations worldwide rely on Flowmon, including companies like Sega, TDK, and Kia. 

Successful exploitation could help attackers gain unauthorized access and execute commands within the system. The PoC, along with technical details, has been made public, increasing the urgency for users to apply the necessary patches as soon as possible. Flowmon users are strongly advised to upgrade to the patched versions, v12.3.5 or 11.1.14. Stay informed, stay protected.  

 

 

avertium's recommendationS

  • Patched versions:  
    • Flowmon 12.3.5 
    • Flowmon 11.1.14 
  • Patched versions are available to all Flowmon customers. After upgrading Flowmon to patched versions, Progress recommends to upgrade all Flowmon modules you are using to the latest available versions. 
  • Please see Progress Software’s advisory for patch guidance.  

 

 

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with CVE-2024-2389. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.   

 

 

How Avertium is Protecting Our CUSTOMERS

  • Expanding endpoints, cloud computing environments, and accelerated digital transformation have decimated the perimeter in an ever-expanding attack surface. Avertium offers Attack Surface Management, so you’ll have no more blind spots, weak links, or fire drills. See every threat in your attack surface, every device, every entry point, and every vulnerability. Our Attack Surface Management services include:  
    • Risk Assessments 
    • Pen Testing and Social Engineering  
    • Infrastructure Architecture and Integration  
    • Zero Trust Network Architecture 
    • Vulnerability Management 




 

SUPPORTING DOCUMENTATION

Maximum severity Flowmon bug has a public exploit, patch now (bleepingcomputer.com) 

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) - Help Net Security 

CVE-2024-2389 Flowmon critical security vulnerability – Kemp Support (kemptechnologies.com) 

 
Chat With One of Our Experts



Flash Notice Critical Vulnerability progress software OS Command Injection Flaw Blog