CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5

A vulnerability affecting the ThreatSonar Anti-Ransomware product of Taiwan-based cybersecurity firm TeamT5 has been exploited in the wild, the US cybersecurity agency CISA warned on Tuesday.

CISA added the ThreatSonar Anti-Ransomware flaw, tracked as CVE-2024-7694, to its Known Exploited Vulnerabilities (KEV) catalog and instructed federal agencies to address it by March 10.

TeamT5’s website indicates that the company’s threat intelligence and protection solutions are used in the United States, Japan, and Taiwan, including by government agencies.

This could explain why CISA added the vulnerability to its KEV list, which focuses on security holes that could pose a threat to US government organizations.

CVE-2024-7694 is a high-severity arbitrary file-upload issue affecting TeamT5’s ThreatSonar Anti-Ransomware product. The issue was patched in August 2024.

“ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files ...