SecurityWeek reports that intrusions involving the exploitation of a format string injection vulnerability in the widely used general document conversion toolkit Ghostscript, which could be used to achieve remote code execution, have already been ongoing.
Attackers could leverage the flaw, tracked as CVE-2024-29510, via image and document processors to evade Ghostscript's sandbox, execute shell commands, leak stack-based data, and achieve memory corruption.
Attacks by the threat operation entailed the initial targeting of breached devices before proceeding with the exploitation of vulnerable Microsoft Exchange, Atlassian Confluence, and Apache Log4j instances.
Major product lifecycle management software provider PTC has released a fix for a maximum severity vulnerability impacting a license server of its widely used Creo Elements/Direct modeling CAD software, tracked as CVE-2024-6071, reports SecurityWeek.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.