CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw impacting Versa Director to its Known Exploited Vulnerabilities catalog. The medium-severity bug can allow a threat actor to upload a malicious file, while masquerading it as an innocent PNG image file. A successful exploit is only possible after a user with specific admin privileges has logged in. Agencies are required to protect against the flaw by applying fixes by September 13, 2024.