Exploitation in the Wild of Aviatrix Controller RCE (CVE-2024-50603)
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A critical code execution vulnerability, CVE-2024-50603, affecting Aviatrix Controller has been observed being exploited in the wild. This unauthenticated remote code execution flaw allows attackers to execute arbitrary commands on the system, potentially leading to privilege escalation in AWS environments. Exploitation has resulted in cryptojacking and backdoor deployment. The vulnerability stems from improper handling of user-supplied parameters in the API. Around 3% of cloud enterprise environments have Aviatrix Controller deployed, with 65% of these having lateral movement paths to administrative cloud control plane permissions. Urgent patching and forensic investigation are recommended to mitigate risks.
OPENCTI LABELS :
backdoor,rce,sliver,cryptojacking,xmrig,aws,cloud security,privilege escalation,aviatrix controller,cve-2024-50603
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Exploitation in the Wild of Aviatrix Controller RCE (CVE-2024-50603)