A new critical PHP vulnerability (CVE-2024-4577) has been discovered which is being currently exploited in the wild. A successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary code on the vulnerable PHP server, leading to complete system compromise and deliver malware including ransomware. Severity level
CVSS Score: 9.8/Critical Description:- PHP is a widely used open-source scripting language commonly used for web development and commonly used on both Windows and Linux servers. PHP CGI is a method of running PHP scripts through the Common Gateway Interface (CGI) to handle HTTP requests and generate dynamic web content. The CVE-2024-4577 flaw is caused by an oversight in handling character encoding conversions, specifically the 'Best-Fit' feature on Windows when PHP is used in CGI mode.
Affected Versions:- PHP 8.3 versions earlier than 8.3.8 PHP 8.2 versions earlier than 8.2.20 PHP 8.1 versions earlier than 8.1.29 PHP 8.0 (EOL) , PHP 7.x (EOL), PHP 5.x (EOL)
Impact:- This Vulnerability if exploited could lead to the execution of arbitrary code, a scenario with severe consequences for system integrity and data security.
Resolution:- Upgrade to the latest version.
Mitigation:- If users are unable to upgrade, it is recommended to apply a mod_rewrite rule to block attacks. For further remediation steps check the references below. Reference:-