Cryptojacking, backdoors abound as fiends abuse Aviatrix Controller bug

"Several cloud deployments" are already compromised following the disclosure of the maximum-severity vulnerability in Aviatrix Controller, researchers say.

CVE-2024-50603 leads to remote code execution (RCE) and default deployments of Aviatrix Controller in AWS allow for privilege escalation, making it especially dangerous.

That threat is compounded by the fact that the vulnerability, which was disclosed on January 7, now has a proof-of-concept (PoC) exploit publicly available. A separate researcher published it online within a day of the initial disclosure, a generally frowned-upon practice as it fails to offer defenders adequate time to apply any patches.

For example, even though the latest Ivanti vulnerability was already exploited as a zero-day by the time it was disclosed on January 8, some researchers are holding off until later this week to publish their PoCs to prevent the masses from getting their hands on an attack blueprint.

Aviatrix Controller is used to help manage and ...