Security Advisory

Vulnerability Report: July 2024

Read Time 2 mins | 07 January 2025

Welcome to the monthly Vulnerability Report. In this report, we provide an overview of the most significant security vulnerabilities identified in the past month. Our focus is on vulnerabilities that are being actively exploited, which pose the biggest risk to you. Stay informed about the latest threats and take proactive steps to secure your systems against the latest attacks.

First things first, what is a CVE?

A CVE, or Common Vulnerabilities and Exposures, is a standardised identifier for known cybersecurity vulnerabilities. The purpose of CVEs is to provide a standardised method for identifying and cataloging security vulnerabilities, which helps organisations prioritise their vulnerability management efforts.

Why are CVEs important?

CVEs are publicly known vulnerabilities, some of them, like the ones listed below are currently being exploited, making sure you have the correct patches installed ensures your systems are safe from these attacks.

Actively Exploited

The following vulnerabilities are being actively exploited.

  1. CVE-2024-4577 - PHP-CGI OS Command Injection Vulnerability - PHP with Apache and PHP-CGI on Windows - Severity Rating: 9.8 (Critical)
    Details: When using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behaviour to replace characters in the command line given to Win32 API functions. This may allow a malicious user to pass options to the PHP binary being run, revealing the source code of scripts, running arbitrary PHP code on the server, etc.
    Affected Versions: PHP 8.1.* before 8.1.29, PHP 8.2.* before 8.2.20, PHP 8.3.* before 8.3.8
    Published: 2024-06-09

  2. CVE-2024-32896 - Android Pixel Privilege Escalation Vulnerability - Severity Rating: 7.8 (High)
    Details: There is a possible way to bypass security due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
    Published: 2024-06-13

  3. CVE-2024-4610 - Arm Mali GPU Kernel Driver Use-After-Free Vulnerability - Severity Rating: 5.5 (Medium)
    Details: Use After Free vulnerability allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.
    Affected Versions: Bifrost GPU Kernel Driver (from r34p0 through r40p0), Valhall GPU Kernel Driver (from r34p0 through r40p0)
    Published: 2024-06-07

What To Do

If you are currently running software listed above, make sure you install the latest version to stay secure.