
Imperva successfully defends against CVE-2024-25600 in WordPress Bricks Builder

2024-02-22 17:43:05 | Gabi Stapel | www.imperva.com
Tags: imperva, defends, wordpress, bricks builder, cve-2024-25600, rce, vulnerability, security, patches, protection

AI Score: 8.7 High (Confidence: Low) | EPSS: 0.001 Low (Percentile: 48.2%)

A critical vulnerability in the Bricks Builder site builder for WordPress, identified as CVE-2024-25600, is currently under active exploitation and poses a significant threat to over 25,000 sites. This flaw, with a CVSS score of 9.8, is an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary PHP code on affected websites, potentially giving them full control. The vulnerability resides in the prepare_query_vars_from_settings() function and stems from the improper use of security tokens known as "nonces" to verify permissions. WordPress security firms have already observed numerous exploitation attempts and urge users to update their installations immediately to safeguard against potential attacks.
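As an added illustration of the bug class the post points at (not code from Bricks Builder, Imperva, or the plugin's real handler), here is a WordPress REST handler that treats a nonce as its permission check, beside one that checks capability. The function names, route and required capability are assumptions; it assumes the standard WordPress plugin API.

```php
<?php
// Added illustration of "nonce used as an authorization check".
// Hypothetical names throughout; NOT Bricks Builder's or Imperva's code.
// Assumes the WordPress plugin API (register_rest_route, wp_verify_nonce,
// current_user_can, update_option).

// Privileged operation standing in for whatever a real handler reaches.
function hypothetical_privileged_operation( array $settings ) {
    update_option( 'hypothetical_settings', $settings );
    return rest_ensure_response( array( 'updated' => true ) );
}

// VULNERABLE PATTERN: a nonce only proves the request carried a token that
// some page embedded; it says nothing about WHO is asking. A nonce printed
// into public front-end markup can be read by any visitor, and nonces are
// also valid for the logged-out (user ID 0) session, so an unauthenticated
// request satisfies this check and reaches the privileged operation.
function hypothetical_weak_handler( WP_REST_Request $request ) {
    if ( ! wp_verify_nonce( $request->get_header( 'X-WP-Nonce' ), 'wp_rest' ) ) {
        return new WP_Error( 'bad_nonce', 'Invalid nonce', array( 'status' => 403 ) );
    }
    return hypothetical_privileged_operation( $request->get_json_params() );
}

// HARDENED PATTERN: WordPress core already validates X-WP-Nonce for
// cookie-authenticated REST requests (CSRF protection). Authorization is a
// separate question and must be answered with a capability check, both in
// permission_callback (rejects anonymous callers before the handler runs)
// and defensively inside the handler itself.
function hypothetical_safe_handler( WP_REST_Request $request ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error( 'forbidden', 'Insufficient privileges', array( 'status' => 403 ) );
    }
    return hypothetical_privileged_operation( $request->get_json_params() );
}

add_action( 'rest_api_init', function () {
    register_rest_route( 'hypothetical/v1', '/settings', array(
        'methods'             => 'POST',
        'callback'            => 'hypothetical_safe_handler',
        'permission_callback' => function () {
            return current_user_can( 'manage_options' );
        },
    ) );
} );
```

When auditing a plugin, a handler whose only gate is wp_verify_nonce() or check_ajax_referer() with no current_user_can() alongside it is the pattern to look for; the nonce decides "was this request forged", not "is this caller allowed".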

While a public exploit was just released, Imperva Threat Research has only seen a handful of attempts using this exploit, although we expect to see numbers increase in the coming days. Imperva Threat Research has also observed exploitation attempts not listed in the PoC, with attackers trying to install PHP-based webshells to gain access to the servers running these sites, and successfully blocked the malicious attempts.

Imperva customers are protected against CVE-2024-25600. Imperva Cloud WAF and On-Prem customers with SecureSphere Emergency Feed enabled are protected out of the box. On-Prem customers without Emergency Feed will need to manually add the signature published via our Customer Portal. Even with protection, we urge our customers to remain vigilant and update their systems with the latest security patches.

The post Imperva successfully defends against CVE-2024-25600 in WordPress Bricks Builder appeared first on Blog.
