Bitdefender recently released vulnerability research on Device42.
Device42 is a popular, comprehensive data centre and asset management platform that enables IT administrators to discover, map and manage hardware, software, devices and networks on premises and across cloud environments.
The research reported that attackers exploiting the vulnerabilities could gain full access to the assets housed inside the platform through remote code execution (RCE). Bogdan Botezatu, director of threat research & reporting at Bitdefender, comments: “Vulnerabilities and misconfiguration in enterprise-grade applications pose a real threat to organisations, particularly when these applications are made available outside the company’s internal network.
“These vulnerabilities can expose extremely sensitive information belonging to organisations and, when they result in remote code execution, they can also be used to plant malware on the company’s network. In order to protect their assets, organisations need to run periodic security assessments of third-party applications, identify vulnerabilities and misconfiguration, and patch immediately.”