CISA Urges Immediate Patching of Critical Jenkins Flaw Exploited by Ransomware Gangs

A severe vulnerability in the widely used Jenkins automation server is being actively exploited by cybercriminals to deploy ransomware.


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert about a path traversal flaw in Jenkins, identified as CVE-2024-23897. This vulnerability, with a CVSS score of 9.8, allows attackers to gain remote code execution, potentially leading to catastrophic consequences.


Originally disclosed by Sonar security researchers in January 2024, the flaw was patched in Jenkins versions 2.442 and LTS 2.426.3. However, recent attacks by the RansomExx ransomware gang and the IntelBroker threat actor underscore the urgency of applying these updates.
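Added example (not from the article or the Jenkins project): a small inventory check that classifies Jenkins version strings against the fixed releases named above. It assumes that any version below the fix on its own release line (weekly `2.442`, LTS `2.426.3`) is unpatched; the host names and version strings are constructed.

```python
import re
from typing import Dict, Optional, Tuple

# Fixed releases named in the advisory coverage: weekly 2.442 and LTS 2.426.3.
# Assumption: anything below these on its own release line is unpatched.
FIXED_WEEKLY = (2, 442)
FIXED_LTS = (2, 426, 3)


def parse_jenkins_version(version: str) -> Optional[Tuple[int, ...]]:
    """Split a Jenkins version string into numeric components.

    Weekly releases look like '2.441' (two components); LTS releases add a
    third component, e.g. '2.426.2'. Anything else returns None so the caller
    can flag it for manual review instead of silently treating it as patched.
    """
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?", version.strip())
    if not m:
        return None
    return tuple(int(p) for p in m.groups() if p is not None)


def is_vulnerable(version: str) -> Optional[bool]:
    """True if the version predates the CVE-2024-23897 fix on its release line."""
    parts = parse_jenkins_version(version)
    if parts is None:
        return None
    if len(parts) == 3:          # LTS line: compare against 2.426.3
        return parts < FIXED_LTS
    return parts < FIXED_WEEKLY  # weekly line: compare against 2.442


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Label each host as 'vulnerable', 'patched' or 'unknown'."""
    labels = {True: "vulnerable", False: "patched", None: "unknown"}
    return {host: labels[is_vulnerable(ver)] for host, ver in inventory.items()}


# Constructed sample inventory (host -> version reported by the instance).
SAMPLE_INVENTORY = {
    "ci-01": "2.441",    # last weekly before the fix
    "ci-02": "2.442",    # fixed weekly
    "ci-03": "2.426.2",  # last LTS before the fix
    "ci-04": "2.426.3",  # fixed LTS
    "ci-05": "2.440.1",  # later LTS line, already carries the fix
    "ci-06": "2.414.3",  # older LTS line, never received the fix
    "ci-07": "unknown",  # unparseable banner, needs a human look
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```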


These cybercriminals have successfully exploited the vulnerability to infiltrate organizations like BORN Group and Brontoo Technology Solutions, highlighting the severe risks posed by unpatched systems.


CISA has mandated that federal agencies address the vulnerability by September 9, 2024. However, the agency strongly recommends that all organizations, regardless of size or industry, prioritize patching this critical flaw to protect against ransomware and other cyberattacks.


Key takeaways:

  • A critical Jenkins vulnerability (CVE-2024-23897) is actively exploited in ransomware attacks.

  • The flaw allows attackers to gain remote code execution.

  • Updates are available to address the vulnerability.

  • Immediate patching is strongly recommended for all organizations.


By promptly applying the necessary patches, organizations can significantly reduce their risk of falling victim to these devastating attacks.
