Apple, Oracle, and Apache Issue Critical Updates for Actively Exploited and High-Risk Vulnerabilities
Organizations using Apple, Oracle, and Apache software must act quickly as critical security flaws have been disclosed, with some actively exploited in the wild.
Apple has patched two severe vulnerabilities in its macOS and iOS platforms, enabling attackers to execute remote code or conduct cross-site scripting (XSS) attacks. Oracle’s Agile Product Lifecycle Management (PLM) software is also under threat, with a vulnerability allowing unauthorized access to sensitive files. Meanwhile, Apache has issued updates for its OFBiz suite to address risks of remote code execution and security bypass attacks.
These vulnerabilities pose serious threats to data security and operational continuity. Users are strongly encouraged to apply the latest updates to protect their systems from potential compromise.
Apple Patches Exploited Zero-Day Vulnerabilities (CVE-2024-44308, CVE-2024-44309)
Apple has released emergency updates to address two severe vulnerabilities actively exploited in the wild. Identified as CVE-2024-44308 and CVE-2024-44309, these flaws affect Apple’s macOS, iOS, and visionOS platforms, exposing users to potential Remote Code Execution (RCE) and Cross-site Scripting (XSS) attacks.
What Are the Latest Apple Zero-Day Vulnerabilities?
- CVE-2024-44308 (CVSS 8.8): This vulnerability allows remote attackers to execute arbitrary code by tricking users into processing maliciously crafted web content. It stems from insufficient validation in JavaScriptCore; Apple added improved checks to mitigate it.
Details of CVE-2024-44308 (SOCRadar Vulnerability Intelligence)
- CVE-2024-44309 (CVSS 6.1): By exploiting this flaw in WebKit, attackers can bypass SameSite protections and perform XSS attacks, potentially compromising session data and cookies. The vulnerability was addressed with enhanced cookie state management.
Apple has confirmed the active use of these vulnerabilities to target Macs with Intel processors, but it has not revealed specific exploitation techniques. The vulnerabilities were reported by Google’s Threat Analysis Group (TAG).
Who Is Affected?
Apple has confirmed that these vulnerabilities affect a range of products, including iPhone XS and later models, iPads, Macs running macOS Sequoia, and the Apple Vision Pro mixed-reality headset. Users of these devices should take immediate action to address these zero-days.
What Should You Do?
Apple has released patches in the following updates:
- iOS and iPadOS versions 17.7.2 and 18.1.1
- macOS Sequoia version 15.1.1
- visionOS version 2.1.1
Users are strongly advised to update their devices to prevent exploitation. Further details can be found in Apple’s official advisory.
Identifying vulnerabilities isn’t enough—you need to understand their impact. With SOCRadar’s Vulnerability Intelligence, gain real-time insights into critical flaws like CVE-2024-44308, enabling swift action to protect your systems.
- Prioritize vulnerabilities based on exploitability and impact.
- Receive updates on exploits and emerging threats.
- Detailed guidance for mitigation and patching.
Track new CVEs and exploit trends with SOCRadar’s Vulnerability Intelligence
Another Critical Flaw Exploited: Oracle Agile PLM Privilege Escalation Vulnerability (CVE-2024-21287)
Aside from Apple’s zero-day vulnerabilities, another serious flaw has recently been actively targeted, affecting Oracle’s Agile Product Lifecycle Management (PLM) software. Tracked as CVE-2024-21287 (CVSS 7.5), this vulnerability allows remote attackers to access sensitive files without authentication, posing serious risks to intellectual property and business operations.
How Does the CVE-2024-21287 Vulnerability Work?
CVE-2024-21287 is remotely exploitable, enabling attackers to interact with the system over a network without requiring credentials. Successful exploitation grants access to files under the PLM application’s privileges, potentially exposing product designs, intellectual property, and other critical business data.
Details of CVE-2024-21287 (SOCRadar Vulnerability Intelligence)
Which Oracle Agile PLM Versions Are Affected?
This vulnerability impacts version 9.3.6 of the Agile PLM Framework and is already being actively exploited in the wild. Unpatched systems remain prime targets, underscoring the urgency for immediate updates. Further details on these attacks have not yet been disclosed.
Oracle has released security patches to mitigate this vulnerability and strongly advises affected users to apply them immediately. Delaying updates increases the risk of data breaches and operational disruption. For more details and patch information, visit Oracle’s official advisory.
Apache OFBiz Flaws Open the Door to RCE and CSRF Attacks (CVE-2024-47208, CVE-2024-48962)
Meanwhile, the Apache Software Foundation has addressed two vulnerabilities in its widely used OFBiz suite of business applications, one critical and one high-severity. Tracked as CVE-2024-47208 and CVE-2024-48962, these flaws could enable attackers to execute arbitrary code and bypass security protections, posing significant risks to data and business continuity.
Details of the Vulnerabilities
- CVE-2024-47208 (CVSS 9.8): This vulnerability allows attackers to exploit Groovy expressions through manipulated URLs, enabling Remote Code Execution (RCE). The flaw stems from a combination of Server-Side Request Forgery (SSRF) and code injection issues.
Details of CVE-2024-47208 (SOCRadar Vulnerability Intelligence)
- CVE-2024-48962 (CVSS 7.5): By bypassing SameSite protections, attackers can perform Cross-Site Request Forgery (CSRF) attacks. This flaw leverages improper input neutralization in OFBiz’s template engine, potentially leading to unauthorized actions and data breaches.
As of now, there have been no reported instances of these vulnerabilities being exploited.
Affected Apache OFBiz Versions and Recommended Action
OFBiz users running versions prior to 18.12.17 are at risk. Apache urges all users to upgrade to this latest version immediately, as unpatched systems could be exposed to remote code execution and cross-site attacks, endangering both operational continuity and sensitive data.
For more details and to download the update, visit Apache OFBiz Downloads.
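The fixed versions named in this article (iOS/iPadOS 17.7.2 and 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1, and Apache OFBiz 18.12.17) are what a patch-compliance check has to compare an inventory against, and the Apple case has a trap: fixes shipped on two iOS branches, so a single "greater than or equal to 18.1.1" threshold would wrongly flag a fully patched 17.7.2 device, while "greater than or equal to 17.7.2" would wrongly accept 18.0.x. The script below is an added example written for this article, not SOCRadar, Apple, Oracle or Apache code. It is branch-aware, uses only the fixed versions stated above, and treats any release branch the advisories do not mention (for example macOS 14) as "review" rather than guessing; the inventory at the bottom is constructed sample data, and the hostnames and product labels are assumptions.

```python
"""Branch-aware patch-status check against the fixed versions named in the article.

Added example, not vendor code. Fixed versions come from the article; the
sample inventory is constructed and the hostnames are placeholders.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

Version = Tuple[int, ...]


@dataclass
class FixPolicy:
    fixed: List[str]                 # fixed releases the vendor named
    older_branches_vulnerable: bool  # True when the advisory says "prior to X"


# Only versions stated in the article; nothing else is assumed fixed.
POLICIES: Dict[str, FixPolicy] = {
    "iOS": FixPolicy(["17.7.2", "18.1.1"], False),
    "iPadOS": FixPolicy(["17.7.2", "18.1.1"], False),
    "macOS": FixPolicy(["15.1.1"], False),
    "visionOS": FixPolicy(["2.1.1"], False),
    "Apache OFBiz": FixPolicy(["18.12.17"], True),  # "versions prior to 18.12.17"
}


def parse_version(text: str) -> Version:
    """'18.12.17' -> (18, 12, 17). Tuple comparison handles short forms: (18, 1) < (18, 1, 1)."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def assess(product: str, version: str) -> str:
    """Return 'patched', 'vulnerable', 'review' or 'unknown-product'.

    A version is compared against the fixed release on its own major branch.
    If the advisory lists no fix for that branch, the result is 'vulnerable'
    only when the advisory explicitly covers older branches ("prior to X");
    otherwise it is 'review', because the article does not say either way.
    """
    policy = POLICIES.get(product)
    if policy is None:
        return "unknown-product"
    v = parse_version(version)
    fixed = sorted(parse_version(f) for f in policy.fixed)
    same_branch = [f for f in fixed if f[0] == v[0]]
    if same_branch:
        return "patched" if v >= same_branch[0] else "vulnerable"
    if policy.older_branches_vulnerable and v < fixed[0]:
        return "vulnerable"
    return "review"


def scan(inventory: List[Tuple[str, str, str]]) -> Dict[str, List[str]]:
    """Group (host, product, version) records by patch status."""
    report: Dict[str, List[str]] = {}
    for host, product, version in inventory:
        status = assess(product, version)
        report.setdefault(status, []).append(f"{host} ({product} {version})")
    return report


# Constructed sample inventory; hostnames are placeholders, not real assets.
SAMPLE_INVENTORY = [
    ("laptop-01", "macOS", "15.1.1"),
    ("laptop-02", "macOS", "15.1"),
    ("phone-01", "iOS", "17.7.2"),
    ("phone-02", "iOS", "18.0.1"),
    ("headset-01", "visionOS", "2.1.1"),
    ("erp-01", "Apache OFBiz", "18.12.16"),
    ("erp-02", "Apache OFBiz", "18.12.17"),
]

if __name__ == "__main__":
    for status, hosts in sorted(scan(SAMPLE_INVENTORY).items()):
        print(f"{status}:")
        for entry in hosts:
            print(f"  {entry}")
```

Feed `scan()` the output of whatever asset inventory you already have (MDM export, CMDB query, a Maven/Gradle dependency listing for OFBiz) and treat every "review" entry as a manual follow-up against the vendor advisory rather than as safe.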
Your attack surface grows every day, but how much of it is truly secure? SOCRadar’s Attack Surface Management identifies and monitors your digital assets, helping you close security gaps before attackers can exploit them.
Monitor your digital assets and potential vulnerabilities with SOCRadar’s ASM module
SOCRadar’s Attack Surface Management (ASM) provides the tools you need to secure your organization’s digital footprint. By offering comprehensive visibility into exposed assets and services, ASM helps you identify potential risks that could be exploited by attackers.
With real-time alerts for misconfigurations and vulnerabilities, you can stay informed about security gaps as they arise. Moreover, actionable insights empower you to take proactive measures to mitigate risks and reduce exposure, ensuring your organization remains one step ahead of evolving threats.
Article Link: https://socradar.io/apple-oracle-and-apache-critical-updates-for-flaws/