diff --git a/_cases/2024/DIVD-2024-00004.md b/_cases/2024/DIVD-2024-00004.md index 9ea1ef7b..a6cc14b1 100644 --- a/_cases/2024/DIVD-2024-00004.md +++ b/_cases/2024/DIVD-2024-00004.md @@ -33,6 +33,18 @@ timeline: - start: 2023-10-04 end: event: "Case started" +- start: 2024-03-01 + end: + event: "Discovery of NGOs and their domains started." +- start: 2024-09-30 + end: + event: "Roughly 56.000 candidate NGOs found for scanning, continuing discovery." +- start: 2024-11-04 + end: + event: "Vulnerability scanning has started on a first set of organisations." +- start: 2024-11-20 + end: + event: "Proceeding with first round of vulnerability notifications." --- ## Summary diff --git a/_cases/2024/DIVD-2024-00041.md b/_cases/2024/DIVD-2024-00041.md index 80376f21..6019c0c0 100644 --- a/_cases/2024/DIVD-2024-00041.md +++ b/_cases/2024/DIVD-2024-00041.md @@ -10,7 +10,8 @@ researchers: - Alwin Warringa - Max van der Horst cves: -- CVE-2024-6670 +- CVE-2024-6670 +- CVE-2024-7763 product: - Progress Software WhatsUp versions: @@ -39,7 +40,12 @@ timeline: - start: 2024-10-17 end: event: "Mails sent out." - +- start: 2024-11-12 + end: + event: "Second mail round has been sent out." +- start: 2024-11-12 + end: + event: "Case closed." --- ## Summary @@ -58,6 +64,7 @@ DIVD is currently working to identify parties that are running a vulnerable vers ## More information * {% cve CVE-2024-6670 %} +* {% cve CVE-2024-7763 %} * [National Vulnerability Database for CVE-2024-6670](https://nvd.nist.gov/vuln/detail/CVE-2024-6670) - [WhatsUp Gold Security Bulletin](https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024) - [Summoning Team Analysis](https://summoning.team/blog/progress-whatsup-gold-sqli-cve-2024-6670/) diff --git a/_cases/2024/DIVD-2024-00045.md b/_cases/2024/DIVD-2024-00045.md index 39919849..b6de2228 100644 --- a/_cases/2024/DIVD-2024-00045.md +++ b/_cases/2024/DIVD-2024-00045.md @@ -3,7 +3,7 @@ layout: case title: "SysAid ITSM SQL Injection vulnerability" author: Max van der Horst lead: Max van der Horst -excerpt: "In May 2024, a SQL Injection vulnerability has been discovered in SysAid ITSM that has been reported to be actively exploited as recent as October 2024. Exploitation can result in unauthorized access to your ITSM system." +excerpt: "In March 2024, a SQL Injection vulnerability has been discovered in SysAid ITSM that has been reported to be actively exploited as recent as October 2024. Exploitation can result in unauthorized access to your ITSM system." researchers: - Max van der Horst cves: @@ -34,8 +34,8 @@ timeline: --- ## Summary +DIVD has taken notice of active exploitation surrounding SysAid ITSM instances that are vulnerable to CVE-2024-36393. The vulnerability, which is an SQL Injection, was found in March 2024 and can lead to unauthorized actors gaining access to your organization's ITSM system. -DIVD has taken notice of active exploitation surrounding SysAid ITSM instances that are vulnerable to CVE-2024-36393. The vulnerability, which is an SQL Injection, was found in May 2024 and can lead to unauthorized actors gaining access to your organization's ITSM system. ## Recommendation