Pakistan Telecommunication Authority (PTA) has issued an urgent cybersecurity advisory following the discovery of a critical vulnerability in PHP that poses significant risks to Windows-based servers. The flaw, identified as CVE-2024-4577, enables attackers to execute remote code on affected systems, potentially leading to unauthorized access and control.
This newly identified vulnerability affects multiple versions of PHP installed on Windows operating systems. Specifically, PHP versions 8.3 before 8.3.8, 8.2 before 8.2.20, and 8.1 before 8.1.29 are impacted, leaving servers running outdated versions vulnerable to arbitrary code execution. The flaw is particularly concerning because it allows attackers to bypass a previously mitigated vulnerability, CVE-2012-1823, further amplifying the threat.
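The version ranges above can be turned into a quick inventory check. The following is an added example, not part of the PTA advisory: it classifies `php -v` banner strings against the fixed releases named above, and the host names and banners are constructed sample data.

```python
import re

# First fixed release per branch, as stated in the advisory text above.
FIXED = {(8, 3): (8, 3, 8), (8, 2): (8, 2, 20), (8, 1): (8, 1, 29)}

# Matches the leading "PHP x.y.z" of a `php -v` banner; suffixes such as "-dev" are ignored.
VERSION_RE = re.compile(r"PHP (\d+)\.(\d+)\.(\d+)")


def classify(banner, is_windows):
    """Return 'affected', 'patched', 'not-applicable', 'unlisted' or 'unparsed'."""
    match = VERSION_RE.search(banner)
    if not match:
        return "unparsed"
    if not is_windows:
        return "not-applicable"  # the advisory covers PHP on Windows only
    version = tuple(int(part) for part in match.groups())
    fixed = FIXED.get(version[:2])
    if fixed is None:
        return "unlisted"  # branch not named in the advisory; review manually
    # Compare numerically: as strings, "8.2.9" would sort after "8.2.20".
    return "affected" if version < fixed else "patched"


# Constructed inventory: (host, `php -v` first line, runs on Windows?)
INVENTORY = [
    ("web01", "PHP 8.3.7 (cli) (ZTS Visual C++ 2019 x64)", True),
    ("web02", "PHP 8.2.20 (cli) (NTS Visual C++ 2019 x64)", True),
    ("web03", "PHP 8.2.9 (cli) (NTS Visual C++ 2019 x64)", True),
    ("web04", "PHP 8.1.28 (cli) (NTS)", False),
    ("web05", "PHP 8.0.30 (cli) (ZTS Visual C++ 2019 x64)", True),
    ("web06", "php.exe is not recognized as a command", True),
]


def audit(inventory):
    """Map each host to its classification."""
    return {host: classify(banner, win) for host, banner, win in inventory}


if __name__ == "__main__":
    for host, status in audit(INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unlisted` run a branch the advisory text does not mention, so they need a manual check rather than being treated as safe.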
PTA has classified this vulnerability as critical, urging immediate action to prevent exploitation. The attack vector relies on CGI argument injection, which allows cybercriminals to remotely execute malicious code, compromising the integrity of affected systems.
To mitigate the risks associated with CVE-2024-4577, PTA has issued several key recommendations for system administrators and users. First, the advisory urges all users to update their PHP installations to the latest available versions from php.net. Additionally, migrating to more secure server architectures, such as Mod-PHP, FastCGI, or PHP-FPM, is advised to reduce the attack surface and better protect systems from remote code execution vulnerabilities.
PTA also emphasizes the importance of regular updates and security patches across all software and systems to defend against known vulnerabilities. Administrators are urged to maintain a proactive security posture to minimize the risk of exploitation.
In the event of a breach or suspected exploitation of this vulnerability, PTA requests affected parties to report the incident through its CERT Portal or by email, ensuring a coordinated response to mitigate further damage.
The advisory underscores the growing importance of cybersecurity vigilance, urging administrators to act swiftly to protect their systems and data from evolving cyber threats.