Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments


Attackers are exploiting a critical vulnerability in Aviatrix Controller to execute arbitrary code in AWS cloud environments.

Threat actors are exploiting a critical-severity remote code execution (RCE) vulnerability in Aviatrix Controller to deploy malware, cybersecurity firm Wiz reports.

The issue, tracked as CVE-2024-50603 (CVSS score of 10/10), exists because user-supplied input is not properly neutralized, allowing unauthenticated, remote attackers to inject arbitrary code that is executed with high privileges on the Aviatrix cloud networking platform.

The Aviatrix platform is designed to help organizations manage and secure their cloud infrastructure across multiple providers from a single place.

Impacting certain endpoints within the Aviatrix Controller’s API, which is implemented in PHP, the vulnerability was patched in December, but technical information on it was only published last week.

Following public disclosure, however, proof-of-concept (PoC) exploit code was published and a Nuclei template was also released.

Over the weekend, Wiz warned that threat ...


Copyright of this story solely belongs to SecurityWeek.