Critical ServiceNow vulnerabilities expose businesses to data breaches
- by nlqip
Another research firm Assetnote added one more bug (CVE-2024-5178), with less severity, to the list, but said, that when chained together, hackers can exploit the vulnerabilities to access the ServiceNow database.
“These vulnerabilities enable unauthenticated remote attackers to execute arbitrary code within the Now Platform, potentially leading to compromise, data theft, and disruption of business operations,” Resecurity wrote in a blog post.
To add fuel to the fire, a report by DarkReading has claimed that the vulnerabilities have been exploited and data of various organizations have been stolen. More so, the stolen data, acquired using these vulnerabilities, is being offered for sale on the dark web for a mere $5,000, DarkReading reported citing BreachForums.
Source link
lol
Another research firm Assetnote added one more bug (CVE-2024-5178), with less severity, to the list, but said, that when chained together, hackers can exploit the vulnerabilities to access the ServiceNow database. “These vulnerabilities enable unauthenticated remote attackers to execute arbitrary code within the Now Platform, potentially leading to compromise, data theft, and disruption of business…
Recent Posts
- Trump and Vance Phones Among Alleged Targets of Chinese Hackers
- Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
- Multiple Vulnerabilities in Siemens InterMesh Subscriber Devices Could Allow for Remote Code Execution
- AMD Boosts Instinct GPU Sales Forecast Again Due To High AI Demand
- New Windows Themes zero-day gets free, unofficial patches