Security Advisory - CISA Alert ICSA-24-352-01
Topic Publish Date: 2024-12-18
Valued Customer,
On December 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued the following ICS Advisory for a CVE associated with the ThreatQ platform:
- CISA Advisory 24-352-01: https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-01
- CVE-2024-39703: https://www.cve.org/CVERecord?id=CVE-2024-39703
ThreatQ Platform versions prior to 5.29.3 (released July 3, 2024) contain a command injection vulnerability within the API endpoint that could allow an authenticated attacker to perform remote code execution.
The vulnerability is categorized as blind execution: an attacker can execute commands or code on the target system but cannot see the immediate results of the execution. This makes it more difficult to exploit, but the severity is still considered high.
While ThreatQ versions 5.29.3+ and 6.1.0+ have addressed the vulnerability, ThreatQ versions 5.29.2 and older are still at risk. Customers still running those affected versions should upgrade to the latest version of ThreatQ v5 or ThreatQ v6 at their earliest convenience.