Registry Overwrite Vulnerability in WhatsUp Gold (CVE-2024-8785)

ISGroup Cybersecurity

WhatsUp Gold is a widely used network monitoring tool developed by Progress Software, valued by organizations for managing IT infrastructure. A critical vulnerability (CVE-2024-8785) has been disclosed in versions of WhatsUp Gold prior to 24.0.1.

ProductWhatsUp Gold
Date2024-12-10 16:07:04
Information
  • Trending
  • Fix Available

Technical Summary

CVE-2024-8785 stems from the improper use of a privileged API endpoint (NmAPI.exe) that allows unauthenticated remote attackers to modify the Windows Registry. Specifically, attackers can overwrite or create registry keys within HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch, redirecting the application’s behavior to load malicious code from attacker-controlled paths.

Recommendations

Update WhatsUp Gold to version 24.0.1 or later to mitigate this vulnerability.

[Callforaction-THREAT-Footer]