CISA warned that a vulnerability in TeamT5’s ThreatSonar Anti-Ransomware (CVE-2024-7694) has been exploited in the wild and was added to the Known Exploited Vulnerabilities catalog. The high-severity arbitrary file-upload flaw was patched in August 2024, but CISA ordered federal agencies to remediate it by March 10 due to the product’s use by government clients. #CVE-2024-7694 #ThreatSonar
Keypoints
- CISA added CVE-2024-7694 to its KEV catalog and set a remediation deadline of March 10 for federal agencies.
- The vulnerability is a high-severity arbitrary file-upload flaw in ThreatSonar Anti-Ransomware that was patched in August 2024.
- Attackers with administrator privileges on the product can upload malicious files to execute arbitrary system commands.
- TeamT5’s ThreatSonar is used by government and infrastructure clients in the US, Japan, and Taiwan, increasing potential risk.
- Exploitation likely involves chaining with another vulnerability, and attribution to China-linked actors remains speculative without evidence.