Vulnerability affecting PHP on Windows

12:00pm, 15 January 2025

TLP Rating: Clear

CVE-2024-4577 is a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows. Successful exploitation enables unauthenticated attackers to execute arbitrary code and can lead to complete system compromise.

The NCSC is aware of active exploitation of this vulnerability.

An upgrade to the versions listed on the vendor website is recommended.

What's happening

Systems affected

All versions of PHP on Windows prior to these versions:
•    8.1.29
•    8.2.20
•    8.3.8

What this means

This vulnerability affects all versions of PHP on Windows prior to the versions listed above.

What to look for

How to tell if you're at risk

You are at risk if you are running PHP-CGI on Windows at any version below the fixed versions listed above.
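A version check based on the thresholds in this advisory, added here as an example and not part of the NCSC advisory. It parses the first line of `php -v` output (a constructed sample is embedded) and decides whether the installed release falls below the fixed version for its 8.x branch; the helper that runs the binary assumes a `php-cgi` executable on the PATH and is only invoked when the script is run directly.

```python
import re
import subprocess

# Fixed releases named in the advisory, keyed by 8.x branch. Any release
# below the threshold on the same branch is affected. Branches older than
# 8.1 received no fix and are treated as affected; branches newer than 8.3
# shipped after the fix and are treated as not affected.
FIXED_VERSIONS = {
    (8, 1): (8, 1, 29),
    (8, 2): (8, 2, 20),
    (8, 3): (8, 3, 8),
}

# Constructed sample of `php-cgi -v` output for an affected build.
SAMPLE_PHP_V = "PHP 8.2.19 (cgi-fcgi) (built: May  8 2024 10:00:00) (NTS)\n"

VERSION_RE = re.compile(r"^PHP (\d+)\.(\d+)\.(\d+)", re.MULTILINE)


def parse_php_version(php_v_output):
    """Return (major, minor, patch) from the first 'PHP x.y.z' line."""
    match = VERSION_RE.search(php_v_output)
    if not match:
        raise ValueError("no PHP version found in output")
    return tuple(int(part) for part in match.groups())


def is_vulnerable(version):
    """True when the version is below the fixed release for its branch."""
    branch = version[:2]
    if branch in FIXED_VERSIONS:
        return version < FIXED_VERSIONS[branch]
    return branch < (8, 1)


def check_binary(binary="php-cgi"):
    """Run the binary (assumed on PATH) and report (version, vulnerable)."""
    output = subprocess.run([binary, "-v"], capture_output=True,
                            text=True, check=False).stdout
    version = parse_php_version(output)
    return version, is_vulnerable(version)


if __name__ == "__main__":
    try:
        found, affected = check_binary()
        print("PHP %d.%d.%d affected: %s" % (*found, affected))
    except FileNotFoundError:
        print("php-cgi not found on PATH")
```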

What to do

Prevention

Bug fixes for affected versions are available on the vendor website. Organisations are encouraged to update to the following versions:
•    8.1.29
•    8.2.20
•    8.3.8

More information

Refer to the vendor website for more information:
https://www.php.net/

If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.