From this webpage screenshot, the following key information about the vulnerability can be obtained:

1. Vulnerability Name: Versa Security Bulletin: Update on CVE-2024-39717 - Versa Director Dangerous File Type Upload Vulnerability
2. Release Date: August 26, 2024
3. Affected Platform: Versa Director
4. Affected Users: Managed Service Providers
5. Impact: Privilege Escalation
6. Severity Level: High
7. Summary:
   - Versa Networks has published firewall requirements and system hardening guidelines since 2015.
   - The vulnerability allows users holding Provider-Data-Center-Admin or Provider-Data-Center-System-Admin privileges to upload malicious files.
   - Affected customers who did not implement the hardening and firewall guidelines above had exposed management ports to the internet, which gave threat actors their initial access.
   - Versa has released a patch for the vulnerability and is working with all customers to ensure the patch and the hardening guidelines are applied.
8. Exploitation Status:
   - The vulnerability has been exploited by known advanced persistent threat (APT) actors.
   - Although difficult to exploit, it affects all Versa SD-WAN customers using Versa Director who have not implemented the system hardening and firewall guidelines.
   - CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) list (CVE-2024-39717).
9. Affected Systems and Versions:
   - Versions of Versa Director and their affected status:
10. Actions for Versa Customers:
   - Apply hardening best practices: Customers should ensure they follow Versa Director's security hardening recommendations. Detailed system hardening and firewall rule guidelines are available.
   - Upgrade Director to a patched version: Versa recommends upgrading the Director software to a patched version as soon as possible.
   - Check for exploitation: Customers can check for suspicious files uploaded to the directory. Run the command: — it should report the file type as "image/png".
11. Resources:
   - Customers can download patched/updated versions of Versa Director from the following links:
     - 21.2.3: https://support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3
     - 22.1.2: https://support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2
     - 22.1.3: https://support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3
     - 22.1.4: Not affected.
12. Additional Information Resources:
   - Security Bulletin on Hardening: Versa published a security bulletin titled "Security Bulletin: Firewall Requirements Review for Versa Components."
   - Security Bulletin on Vulnerability Notification: Versa notified customers and partners about the zero-day vulnerability in Versa Director.
   - CISA Known Exploited Vulnerabilities Catalog: This CVE information is publicly released by CISA (Cybersecurity and Infrastructure Security Agency), part of the U.S. Department of Homeland Security, which maintains the Known Exploited Vulnerabilities (KEV) catalog.
   - Versa Security Portal Update: Versa has updated the PSIRT section of the Versa Security Portal with information and remediation guidance for CVE-2024-39717.
   - Versa System Hardening Guidelines: Since 2017, Versa has provided system hardening guidelines with comprehensive steps for implementing hardening processes.
   - Versa Firewall Requirements: Since 2015, Versa has provided firewall requirements detailing which ports and protocols should be opened on the appropriate interfaces.
13. Summary: Versa is actively collaborating with customers and partners to ensure their security by applying patches and hardening attack surfaces according to the provided guidelines.
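The "Check for exploitation" step in item 10 boils down to verifying that every file in an upload location that is supposed to hold images really is a PNG, rather than trusting its name or extension. The script below is an added example of that check written for this page; it is not the command from the Versa bulletin, and it does not know Versa Director's real upload directory: the path it scans is a placeholder argument, and the sample files it creates are constructed here to show a genuine PNG header next to a file that merely carries a `.png` name. It inspects the 8-byte PNG signature directly instead of relying on a `file`-style tool, so it runs anywhere Python does.

```python
"""Report files in an upload directory whose contents are not PNG images.

Added example (not the Versa bulletin's own command). The directory it scans is
whatever the caller passes in; the sample directory below is constructed for
demonstration and is NOT Versa Director's real upload location.
"""
import os
import tempfile
from pathlib import Path

# First eight bytes of every valid PNG file (PNG specification, "PNG file signature").
PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"


def detect_type(path):
    """Return "image/png" if the file starts with the PNG signature, else a generic type."""
    with open(path, "rb") as fh:
        header = fh.read(len(PNG_SIGNATURE))
    if header == PNG_SIGNATURE:
        return "image/png"
    return "application/octet-stream"


def find_mismatched_files(directory):
    """Walk `directory` and return the relative paths of files that are not PNG images.

    For an upload location that should only ever contain PNG images, anything
    returned here deserves a closer look during incident triage.
    """
    mismatched = []
    for root, _dirs, files in os.walk(directory):
        for name in files:
            full_path = os.path.join(root, name)
            if detect_type(full_path) != "image/png":
                mismatched.append(os.path.relpath(full_path, directory))
    return sorted(mismatched)


def build_sample_dir():
    """Create a constructed sample directory with one real PNG header and one impostor.

    Both files carry a .png name; only the first has PNG content. The impostor's
    content is plain constructed text, used only to show that the extension is ignored.
    """
    sample_dir = tempfile.mkdtemp(prefix="upload_check_")
    Path(sample_dir, "logo.png").write_bytes(PNG_SIGNATURE + b"\x00" * 16)
    Path(sample_dir, "avatar.png").write_bytes(b"This is not an image\n")  # constructed
    return sample_dir


if __name__ == "__main__":
    target = build_sample_dir()  # replace with the directory under review (placeholder)
    for rel in find_mismatched_files(target):
        print(f"NOT a PNG: {rel}")
    # Expected for the constructed sample: "NOT a PNG: avatar.png"
```

Two practical notes: call `find_mismatched_files` on the real upload directory rather than the constructed sample when using this for triage, and treat an empty result as one signal rather than proof of a clean host, because a signature check only establishes what the first eight bytes are; the bulletin's own guidance (patching and applying the hardening and firewall requirements) remains the actual remediation.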