Which versions of ScienceLogic SL1 are affected by CVE-2024-9537?

Affected versions include SL1 versions prior to 12.1.3, 12.2.3, and 12.3. Patches are also available for older versions, such as 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.

What should users do to protect their ScienceLogic SL1 systems?

Users should update to SL1 versions 12.1.3+, 12.2.3+, or 12.3+. Patches are also available for older versions. Given the active exploitation of this vulnerability, it is imperative to apply the updates immediately.

Has CVE-2024-9537 been exploited in the wild?

Yes, CVE-2024-9537 has been actively exploited in the wild, prompting its addition to CISA’s Known Exploited Vulnerabilities (KEV) Catalog. RackSpace has already been affected by this vulnerability.

What is ScienceLogic SL1?

ScienceLogic SL1, formerly known as EM7, is an IT infrastructure monitoring and management platform that offers visibility, automation, and analytics across on-premises, cloud, and hybrid systems.

Attack

Critical vulnerability in ScienceLogic SL1 exploited - at least one major victim

Q: What is CVE-2024-9537?

CVE-2024-9537 is a critical vulnerability in ScienceLogic SL1, an IT infrastructure monitoring and management platform. It involves an unspecified third-party component, potentially allowing unauthorized access or remote code execution. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added it to its Known Exploited Vulnerabilities (KEV) Catalog due to active exploitation in the wild.

published: Oct. 22, 2024

Take action: If you are running ScienceLogic SL1, time to patch ASAP. Reach out to the vendor for latest patches and start patching. Rackspace was already hacked, don't be next.

Learn More

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-9537 to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting active exploitation of this vulnerability in the wild.

ScienceLogic SL1 is an IT infrastructure monitoring and management platform that provides visibility, automation, and analytics in on-premises, cloud, and hybrid systems.

This critical vulnerability involves an unspecified third-party component included with ScienceLogic SL1, potentially allowing unauthorized access or remote code execution.

Affected Product is ScienceLogic SL1 (formerly EM7)

Versions prior to 12.1.3
Versions prior to 12.2.3
Versions prior to 12.3

RackSpace was already hacked through this vulnerability.

Users are advised to update to SL1 versions 12.1.3+, 12.2.3+, or 12.3+.

Patches are also are available for older versions - 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x

Given the active exploitation, it's imperative to apply the patches immediately.

Critical vulnerability in ScienceLogic SL1 exploited - at least one major victim

Read More
Broadcom Brocade Fabric SAN vulnerability actively exploited
Botnet actively exploits flaws in NVRs, TP-Link routers
Critical Fortinet FortiWeb SQL injection vulnerability actively exploited
CISA reportd active exploitation of Meteobridge command injection …
CISA reports active expploit of Sierra Wireless Router …