The Pakistan Telecommunication Authority (PTA) has issued a critical cybersecurity advisory regarding a recently discovered vulnerability in PHP that poses a severe threat to Windows-based servers. Identified as CVE-2024-4577, the flaw allows attackers to bypass the fix for a previously patched vulnerability (CVE-2012-1823) and execute unauthorized code remotely through CGI argument injection. This exposes servers running vulnerable PHP versions on Windows to potentially devastating attacks.
The advisory specifies that PHP versions 8.3 before 8.3.8, 8.2 before 8.2.20, and 8.1 before 8.1.29 are susceptible. Successful exploitation results in remote code execution, granting attackers control over the server. Due to its severity, PTA classifies the threat as critical and urges immediate action to mitigate the risk.
To address this vulnerability, PTA recommends upgrading affected systems to the latest PHP versions available on php.net. Additionally, migrating to more secure architectures such as Mod-PHP, FastCGI, or PHP-FPM reduces the attack surface by eliminating the vulnerable environment attackers target. The advisory also underscores the importance of consistent system and software updates so that critical security patches stay current and vulnerabilities are minimized.
Furthermore, PTA emphasizes vigilance and incident response measures. In the event of a breach or suspected exploit, prompt reporting through the PTA CERT Portal or by email is crucial. This allows for a coordinated response, minimizing the damage inflicted by attackers leveraging this vulnerability. By issuing this advisory and advocating for proactive measures, PTA aims to protect users from cyberattacks and ensure a more secure digital environment.
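As an added example (not part of the PTA advisory or the PHP project), the following Python sketch triages a server inventory against the version ranges quoted above, using the first line of `php -v` output. The inventory entries are constructed, and the status labels are this example's own assumptions.

```python
import re

# Fixed patch release per branch, from the version ranges in the advisory text.
FIXED_PATCH = {(8, 3): 8, (8, 2): 20, (8, 1): 29}

# First line of `php -v` / `php-cgi -v`, e.g. "PHP 8.3.7 (cgi-fcgi) (built: ...)".
BANNER = re.compile(r"^PHP (\d+)\.(\d+)\.(\d+)(\S*)")

# Constructed sample inventory: (host, operating system, version banner).
SAMPLE_INVENTORY = [
    ("web01", "Windows Server 2022", "PHP 8.3.7 (cgi-fcgi) (built: May  8 2024 08:56:56)"),
    ("web02", "Windows Server 2019", "PHP 8.2.20 (cgi-fcgi) (built: Jun  4 2024 15:30:01)"),
    ("web03", "Ubuntu 22.04", "PHP 8.1.28 (cli) (built: Apr 10 2024 11:02:13)"),
    ("web04", "Windows Server 2022", "PHP 8.1.29-dev (cli) (built: Jun  1 2024 09:00:00)"),
    ("web05", "Windows Server 2016", "PHP 7.4.33 (cgi-fcgi) (built: Nov  2 2022 16:00:00)"),
    ("web06", "Windows Server 2022", "command not found"),
]

def classify(os_name, banner):
    """Return a triage label (labels are this example's own, not PTA's)."""
    m = BANNER.match(banner.strip())
    if not m:
        return "unknown"  # banner could not be parsed; check the host by hand
    major, minor, patch = (int(g) for g in m.groups()[:3])
    suffix = m.group(4)  # e.g. "-dev" or "RC1" on non-release builds
    fixed = FIXED_PATCH.get((major, minor))
    if fixed is None:
        return "branch-not-listed"  # branch is outside the ranges the advisory names
    if patch > fixed or (patch == fixed and not suffix):
        return "patched"
    if patch == fixed:
        return "review-prerelease"  # pre-release of the fixed version; confirm the build
    if "windows" in os_name.lower():
        return "vulnerable"
    return "outdated-non-windows"  # below the fixed release, but not a Windows host

def triage(inventory):
    """Map each host to its triage label."""
    return {host: classify(os_name, banner) for host, os_name, banner in inventory}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts labelled `branch-not-listed` or `unknown` are not cleared by this check; they only fall outside what the quoted ranges can decide.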




