A critical security vulnerability in the Aviatrix Controller cloud networking platform has been discovered and is being actively exploited by threat actors to deploy backdoors and cryptocurrency miners. Multiple cloud deployments have reported compromises following this disclosure. Continue reading this Cybersecurity Threat Advisory to reduce the impact of this critical vulnerability.
What is the threat?
The vulnerability, CVE-2024-50603 (CVSS score: 10.0), is a critical flaw that could lead to unauthenticated remote code execution. Because user input is improperly sanitized on certain API endpoints, attackers can inject malicious commands. According to Wiz researchers, when deployed in AWS cloud environments, the Aviatrix Controller allows privilege escalation by default.
Why is it noteworthy?
Aviatrix Controller is used to manage and automate AWS deployments. While there is no direct evidence of lateral movement within the cloud at this time, it is likely that threat actors are exploiting this vulnerability to impersonate the cloud permissions of the host, potentially enabling them to pivot and exfiltrate data from the victim’s cloud environments.
What is the exposure or risk?
Approximately 3 percent of cloud enterprise environments use Aviatrix Controller. However, in about 65 percent of these environments, virtual machines hosting Aviatrix Controller have access to administrative cloud control permissions. The vulnerability affects Aviatrix Controller versions 7.1 prior to 7.1.4191 and 7.2 prior to 7.2.4996.
What are the recommendations?
Barracuda recommends the following actions to mitigate the effects of this vulnerability:
- Apply the security update as soon as possible.
- Upgrade to version 7.2.4996, which is not affected by CVE-2024-50603.
- Prevent public access to the controller via port 443.
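To triage an inventory against these recommendations, the following added example (not from Barracuda or Aviatrix) checks each controller's version against the affected ranges stated above and flags security group rules that leave TCP 443 open to the whole internet. The inventory fields `name`, `version` and `security_group` are hypothetical, the version is assumed to be a dotted major.minor.build string, and the rule layout follows the output of `aws ec2 describe-security-groups`.

```python
import ipaddress
import re
# Fixed builds per release branch, taken from the advisory text.
FIXED = {(7, 1): 4191, (7, 2): 4996}

def is_affected(version):
    """True/False for 7.1 and 7.2; None when the advisory states no range."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        return None
    major, minor, build = map(int, m.groups())
    fixed = FIXED.get((major, minor))
    return None if fixed is None else build < fixed

def open_443(sg):
    """World-open CIDRs (prefix length 0) that can reach TCP 443 via this group."""
    hits = []
    for perm in sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto in ("tcp", "6"):
            covers = perm.get("FromPort", 0) <= 443 <= perm.get("ToPort", 65535)
        else:
            covers = proto == "-1"  # "-1" means all protocols and ports
        if not covers:
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        hits += [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]
    return hits

def triage(controllers):
    """(name, affected, open_cidrs) for each inventory entry."""
    return [(c["name"], is_affected(c["version"]), open_443(c["security_group"]))
            for c in controllers]

# Constructed inventory: names, versions and rules are sample data.
SAMPLE = [
    {"name": "ctrl-a", "version": "7.1.3956", "security_group": {"IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}},
    {"name": "ctrl-b", "version": "7.2.4996", "security_group": {"IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "10.20.0.0/16"}]}]}},
    {"name": "ctrl-c", "version": "6.9.100", "security_group": {"IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}},
]

if __name__ == "__main__":
    print(*triage(SAMPLE), sep="\n")
```

A result of `None` for the version means this advisory states no range for that branch, so it should be checked against the vendor's guidance rather than treated as unaffected.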
For more in-depth information on the above recommendations, please visit the following links:
- https://www.msn.com/en-us/technology/cybersecurity/cryptojacking-backdoors-abound-as-attackers-abuse-aviatrix-controller-bug/ar-BB1rof62?ocid=BingNewsVerp
- https://www.securityweek.com/critical-aviatrix-controller-vulnerability-exploited-against-cloud-environments/
- https://thehackernews.com/2025/01/hackers-exploit-aviatrix-controller.html
If you have any questions about this Cybersecurity Threat Advisory, please contact Barracuda Managed XDR’s Security Operations Center.
This post originally appeared on Smarter MSP.