Critical Security Flaw in Flowmon Exposes Global Firms to Remote Attacks: Update Now
April 25, 2024![Critical Security Flaw in Flowmon Exposes Global Firms to Remote Attacks: Update Now](https://cdn.brief.news/images/stories/7c349a1ee7ee0fc453dd71ceaaa50eb699430c1072ffb68c96607e170e4adf7157b806c8d07a689abc01ce0d25d51664f67b7f42d480f190778a43e3282cf048.jpg)
Progress Software's Flowmon has a critical vulnerability (CVE-2024-2389) affecting versions 11.x and 12.x.
The vulnerability permits remote attackers to execute system commands without authentication.
No exploitation has been reported, but a proof-of-concept exploit is available publicly.
The vulnerability was reported by researcher David Yesland.
Patched versions (v12.3.5 and 11.1.14) have been released; immediate upgrade is recommended.
Over 1,500 organizations globally, including Sega, TDK, and Kia, could be impacted.
Summary based on 1 source
Get a daily email with more Tech stories
Source
![PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) - Help Net Security](https://cdn.brief.news/images/links/7c349a1ee7ee0fc453dd71ceaaa50eb699430c1072ffb68c96607e170e4adf7157b806c8d07a689abc01ce0d25d51664f67b7f42d480f190778a43e3282cf048.jpg)
Help Net Security • Apr 24, 2024
PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) - Help Net Security