Progress warns WhatsUp Gold has some critical security flaws, so patch now
Six high-severity and critical vulnerabilities have been addressed
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
WhatsUp Gold, a network monitoring solution built by Progress Software, carried numerous critical and high-severity vulnerabilities, which placed its users at great risk of different cyberattacks. The flaws were recently addressed, and the company urged the users toapply the fixesimmediately.
Progress recently published a new security advisory in which it warned WhatsUp Gold users of the flaws and announced the release of the patch.
The advisory, however, does not discuss what the flaws are or how they might have been abused.
Adding a chip to the cartridge
The flaws are listed as:
CVE-2024-46905: CVSS 8.8/10CVE-2024-46906: CVSS 8.8/10CVE-2024-46907: CVSS 8.8/10CVE-2024-46908: CVSS 8.8/10CVE-2024-46909: CVSS 9.8/10CVE-2024-8785: CVSS 9.8/10
In total, there were six vulnerabilities, two of which are rated critical - 9.8/10.
Progress Software said that the first fixed version is 24.0.1:
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“The WhatsUp Gold team has identified six vulnerabilities that exist in versions below 24.0.1,” the advisory reads. “We are reaching out to all WhatsUp Gold customers to upgrade their environment as soon as possible to version 24.0.1, released on Friday, September 20. If you are running a version older than 24.0.1 and you do not upgrade, your environment will remain vulnerable.”
WhatsUp Gold is a network monitoring software designed to provide comprehensive visibility into an organization’s IT infrastructure. It enables users to monitor devices, applications, servers, and network traffic in real time, helping to quickly identify and resolve performance issues.
To install the latest version, visit Progress’product list page, download the latest version, and run it on your WhatsUp Gold server. After that, just follow the prompts. Since there are no details about the flaws, we don’t know if they have been abused in the wild already.
ViaBleepingComputer
More from TechRadar Pro
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case
