High-Severity Vulnerability in GFI KerioControl Firewalls
11 February 2025
GFI Software has released security updates addressing a vulnerability (CVE-2024-52875) in GFI KerioControl firewall instances. This vulnerability is reportedly being actively exploited, and a proof-of-concept exploit is publicly available.
Successful exploitation of this remote code execution vulnerability could allow attackers to inject malicious JavaScript code, resulting in arbitrary code execution within the vulnerable application.
The vulnerability affects GFI KerioControl network security software versions 9.2.5 through 9.4.5.
Users and administrators of affected products are advised to update to the latest versions immediately.
More information is available here:
https://nvd.nist.gov/vuln/detail/CVE-2024-52875
https://karmainsecurity.com/hacking-kerio-control-via-cve-2024-52875