Microsoft Azure, Google Cloud Platform, Amazon Web Services, and other major cloud providers and technology firms could be compromised in attacks leveraging the critical memory corruption flaw within the widely used logging and metrics software Fluent Bit, according to BleepingComputer.Such a vulnerability, tracked as CVE-2024-4323 and also known as Linguistic Lumberjack, could be leveraged by threat actors to facilitate remote code execution and denial-of-service attacks, as well as data exfiltration activities, a report from Tenable revealed."The researchers believe that the most immediate and primary risks are those pertaining to the ease with which DoS and information leaks can be accomplished," said researchers.Microsoft, Google, and Amazon have already been informed regarding the issue, which is expected to be fixed with Fluent Bit 3.0.4 release. Meanwhile, organizations using the vulnerable logging utility in their infrastructure have been urged to restrict Fluent Bit monitoring API access or deactivate the vulnerable API endpoint.
Cloud Security, Application security
Major cloud platforms at risk of critical Fluent Bit vulnerability

(Adobe Stock)
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



