Skip to main content
All CollectionsSecurity Bulletins
No exposure to CVE-2024-4577 (RCE on PHP for Windows)
No exposure to CVE-2024-4577 (RCE on PHP for Windows)
Bertel Torp avatar
Written by Bertel Torp
Updated over a week ago

The Ulobby Platform is unaffected.

What is the vulnerability?

Is Ulobby impacted?

  • Upon becoming aware of the potential, Ulobby initiated an investigation to determine if the vulnerable versions where deployed on Ulobby servers. This investigation, was concluded on june 8th and found no usage of the vulnerable software, and no action required for Ulobby customers

  • The vulnerability is related to encoding conversion within the Windows operating system and as none of our systems run on windows they are not influenced and we are positive that the vulnerability does not have implications for our customer data.

  • As a security precaution we have deployed firewall rules to block attempts to use the vulnerability and/or scans of our network for exposure to the vulnerability. When triggered the rules are used to identify and block malicious actors (honeypot). So note that if you run scans against our systems, make sure to do so from another network than your users.

Do I need to do anything?

  • Customers do not need to take any action.

We have concluded our research of this vulnerability.

Did this answer your question?