Broadcom Urges Immediate Patching for Critical Symantec PAM Vulnerabilities
Broadcom, the cybersecurity giant behind Symantec Privileged Access Manager (PAM), has issued a critical security advisory, urging users to apply the latest cumulative hotfix (4.1.7.50) to protect their systems from multiple severe vulnerabilities. These flaws could allow attackers to execute remote commands, bypass authentication, escalate privileges, and exploit various other security weaknesses within the PAM platform.
The Vulnerabilities:
The cumulative hotfix addresses a total of 11 vulnerabilities, including:
- CVE-2024-36455 (CVSS 9.4), CVE-2024-36456 (CVSS 9.4), CVE-2024-38492 (CVSS 9.4), CVE-2024-38494 (CVSS 8.6): These critical vulnerabilities could enable remote code execution on the affected PAM system, allowing attackers to gain complete control over the compromised environment.
- CVE-2024-36457: This vulnerability could allow attackers to bypass authentication mechanisms, gaining unauthorized access to sensitive resources.
- CVE-2024-36458: This flaw could allow attackers to escalate their privileges within the PAM system, potentially gaining access to even more sensitive data and functions.
- Other Vulnerabilities: The remaining vulnerabilities cover issues like SQL injection, reflected cross-site scripting, user enumeration, and insecure direct object reference, all of which could be exploited to compromise the security and integrity of the PAM system.
Immediate Action Required:
To mitigate these vulnerabilities, Broadcom has released patches that must be applied to the affected PAM systems. The installation of this cumulative hotfix requires the entire cluster to be stopped until the hotfix is applied to each PAM server, a process that takes several minutes per node. Broadcom recommends scheduling a service outage of sufficient duration to complete the upgrade of the production cluster seamlessly.