The ebay owned web ecommerce platform Magento has recently discovered a remote code execution (RCE) vulnerability or “shoplift bug” in its core code that can lead to complete compromise of any Magento-based store.
More than 200,000 online stores using Magento are at high risk because attackers can gain complete control with administrator access.
What steps did Checkpoint take after vulnerability discovery?
Security vendor Check Point uncovered the flaw and disclosed it privately first to ebay with a couple of suggested fixes before the public announcement.
The security alert was sent to all users both through email and a dashboard notification but Magento does not currently include the patch in its official edition. Users will have to log in to get the patch and apply it.
What do I need to do to safeguard my store?
Checkpoint said that the vulnerability can affect any Magento based store and has urged to apply the security patch immediately to fix the flaw if not done so already. The patch was released on Feb 9,2015, SUPEE-5344, and is available to download here.
If you’d like to watch a demo of a way the RCE vulnerability can be exploited, Checkpoint has posted a video here.
What type of attack is it?
The vulnerability is actually composed of multiple vulnerabilities that eventually allow an unauthenticated hacker to execute PHP code on the web server.
The attacker bypasses all security mechanisms and gains full control of the system and its database, risking credit card information or financial and personal data.
There are a large number of Magento stores using both Community and Enterprise Editions that are still vulnerable.
Unpatched ecommerce sites remain under compromise threat
Check Point researcher Netanel Rubin, responsible for discovering the vulnerability, said that they are not aware of any current exploit.
But the bad news is that hackers have picked up on the advisory and are targeting unpatched applications, according to Analysts with Sucuri Security.
About 30% of ecommerce sites use Magneto platform for their online store and close to half of them remain unpatched. This not only represents a serious threat but also represents the need for understanding that security is a process requirement in every business.
Drushield provides you the security patched solution for your Magento store as well. Please act now to make sure that your Magento store is secure!