Rewterz

Rewterz Threat Alert –AZORult Stealer Malware Resurfaces and Evades Detection While Using Email Phishing – Active IOCs

January 18, 2024
Rewterz

Rewterz Threat Alert – Multiple Oracle Products Vulnerabilities

January 18, 2024

Rewterz Threat Alert – Multiple GitHub Enterprise Server Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-0200 CVSS:7.9

GitHub Enterprise Server could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe reflection flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-0507 CVSS:6.5

GitHub Enterprise Server could allow a remote authenticated attacker to gain elevated privileges on the system, caused by command injection in the Management Console. An authenticated attacker could exploit this vulnerability to gain elevated privileges on the system.

Impact

  • Code Execution
  • Privilege Escalation

Indicators Of Compromise

CVE

  • CVE-2024-0200
  • CVE-2024-0507

Affected Vendors

GitHUB

Affected Products

  • GitHub Enterprise Server 3.9.6
  • GitHub Enterprise Server 3.10.3
  • GitHub Enterprise Server 3.11.0
  • GitHub Enterprise Server 3.8.11
  • GitHub Enterprise Server 3.8.12
  • GitHub Enterprise Server 3.9.7
  • GitHub Enterprise Server 3.10.4
  • GitHub Enterprise Server 3.11.2

Remediation

Refer to the GitHub Web site for patch, upgrade or suggested workaround information.

CVE-2024-0200

CVE-2024-0507

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.