This vulnerability stems from insufficient validation of file paths during write operations, allowing remote attackers to bypass directory restrictions and place malicious files anywhere on the system with SYSTEM user privileges. This allows a remote attacker to bypass directory restrictions and upload files outside the intended path, effectively enabling them to plant malicious code anywhere on the file system-even in sensitive system directories. Arctic Wolf researchers observed active exploitation attempts against MagicINFO servers almost immediately after proof-of-concept code became available, suggesting malicious actors are closely monitoring vulnerabilities in these systems. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The flaw allows unauthenticated attackers to write arbitrary files with system-level privileges, potentially leading to complete system compromise. Security firm Huntress reported earlier this month that despite Samsung’s claims of patching CVE-2024-7399 in version 21.1050, their tests confirmed that the version remained vulnerable to exploitation. Security professionals recommend organizations not only apply the patch but also verify their Auto-Update settings and audit their systems for any signs of compromise. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. Organizations unable to immediately update should consider isolating MagicINFO systems from public networks until patches can be applied.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 14 May 2025 14:20:23 +0000