
WARNING: VULNERABILITY IN AIOHTTP FRAMEWORK ACTIVELY EXPLOITED AFTER POC RELEASE

Reference: 
Advisory #2024-44
Version: 
1.0
Affected software: 
aiohttp < 3.9.2
Type: 
Directory traversal vulnerability
CVE/CVSS: 

CVE-2024-23334: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Sources

https://nvd.nist.gov/vuln/detail/CVE-2024-23334

Risks

"aiohttp" is an asynchronous HTTP client/server framework for asyncio and Python. All versions below 3.9.2 contain a vulnerability (CVE-2024-23334) in the server's static file handling that gives an unauthenticated remote attacker read access to arbitrary files on the system. Successful exploitation impacts data confidentiality (CVSS vector: network, no privileges, no user interaction, high confidentiality impact).
A Proof-of-Concept (PoC) exploit was reportedly released in late February 2024, for both Windows and Linux. Active scanning for CVE-2024-23334 was observed after the PoC was published, including by known ransomware groups.

Description

CVE-2024-23334 is a directory traversal vulnerability in aiohttp's static route handling. When a static route is registered with the follow_symlinks option set to True, versions before 3.9.2 do not verify that the requested file lies within the configured static root, so a request path containing traversal sequences (such as ../) can read arbitrary files on the system, even when no symlink is present. Only applications that serve static files through aiohttp's built-in static route with follow_symlinks=True are exposed; the option defaults to False.
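To make the missing check concrete, the following is an added illustration written for this advisory; it is not aiohttp's own code. It models the two behaviours in plain Python: unsafe_static_path joins the request path onto the static root without any containment check (a simplified stand-in for the vulnerable behaviour), while safe_static_path first rejects any path that climbs above the root and, unless symlinks are explicitly allowed, also rejects files that resolve outside it. The sandbox directory, file names and contents are constructed for the demonstration.

```python
import os
import tempfile
from pathlib import Path
from typing import Optional, Tuple


def unsafe_static_path(root: Path, request_path: str) -> Path:
    """Simplified model of the vulnerable behaviour (assumption, not aiohttp's code):
    the request path is joined onto the static root and resolved, but nothing checks
    that the result is still under root, so "../secret.txt" walks out of the directory."""
    return (root / request_path.lstrip("/")).resolve()


def safe_static_path(root: Path, request_path: str, follow_symlinks: bool = False) -> Optional[Path]:
    """Containment check: returns the file to serve, or None if the request must be refused.

    Step 1 is a lexical check that rejects "../" traversal whether or not symlinks are
    followed; this is the check that must never be skipped when follow_symlinks=True.
    Step 2 applies only when symlinks are NOT followed: the physical file, after
    resolving links, must also live under root.
    """
    root_s = str(root.resolve())
    # A leading "/" is stripped so os.path.join cannot be tricked into discarding root.
    joined = os.path.normpath(os.path.join(root_s, request_path.lstrip("/")))
    if os.path.commonpath([root_s, joined]) != root_s:
        return None  # "../" climbed above the static root
    candidate = Path(joined)
    if not follow_symlinks:
        real = candidate.resolve()
        if os.path.commonpath([root_s, str(real)]) != root_s:
            return None  # symlink points outside the static root
        candidate = real
    return candidate


def build_demo_tree() -> Tuple[Path, Path]:
    """Constructed sandbox (not real data): <tmp>/static is the served root,
    <tmp>/secret.txt lies outside it, and <tmp>/static/link.txt is a symlink to the
    secret. Creating the symlink requires symlink permissions (Linux/macOS)."""
    base = Path(tempfile.mkdtemp())
    root = base / "static"
    root.mkdir()
    (root / "app.js").write_text("console.log('ok');\n")
    secret = base / "secret.txt"
    secret.write_text("db_password=example\n")
    os.symlink(secret, root / "link.txt")
    return root, secret


if __name__ == "__main__":
    root, secret = build_demo_tree()
    print("vulnerable:", unsafe_static_path(root, "../secret.txt"))      # lands on secret.txt
    print("fixed     :", safe_static_path(root, "../secret.txt", True))   # None: refused
    print("normal    :", safe_static_path(root, "app.js"))               # static/app.js
    print("symlink   :", safe_static_path(root, "link.txt"))             # None unless follow_symlinks=True
```

The request path is assumed to be already URL-decoded, as a framework would hand it to the route handler. The point of the split into two checks is that allowing symlinks to leave the root is a deliberate configuration choice, whereas allowing "../" to leave it never is; the vulnerable behaviour conflated the two.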

Recommended Actions

Patch
The Centre for Cybersecurity Belgium strongly recommends updating vulnerable installations with the highest priority, after thorough testing. Updating aiohttp to version 3.9.2 or later fixes the flaw. Where an immediate update is not possible, applications should not serve static files with follow_symlinks=True until they are updated.
 
Monitor/Detect
The CCB recommends that organisations increase their monitoring and detection capabilities to identify related suspicious activity, such as requests to static routes containing path traversal sequences, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident
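As an added example of the kind of detection logic meant here (written for this advisory, not a tool from the CCB or the aiohttp project), the following scans access-log lines for traversal attempts against a static route. It URL-decodes the request path repeatedly so that encoded (%2e%2e) and double-encoded (%252e) variants are caught, flags any path with a ".." segment, records where the traversal would land, and marks a 200 response on such a path as a probable successful file disclosure. The log format is modelled on aiohttp's default access log ('%a %t "%r" %s %b ...'); the sample lines, addresses and timestamps are constructed.

```python
import re
from posixpath import normpath
from typing import Dict, List, Optional
from urllib.parse import unquote

# Matches the leading fields of aiohttp's default access-log format:
# client address, timestamp, request line, status code, body size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample lines, not real traffic: one normal request, three traversal
# attempts (plain, URL-encoded, double-encoded) and one unrelated API call.
SAMPLE_LOG = [
    '203.0.113.7 [27/Feb/2024:09:12:01 +0000] "GET /static/app.js HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.23 [27/Feb/2024:09:12:05 +0000] "GET /static/../../etc/passwd HTTP/1.1" 200 1843 "-" "python-requests/2.31"',
    '198.51.100.23 [27/Feb/2024:09:12:06 +0000] "GET /static/%2e%2e/%2e%2e/etc/shadow HTTP/1.1" 403 0 "-" "python-requests/2.31"',
    '198.51.100.23 [27/Feb/2024:09:12:07 +0000] "GET /static/..%252f..%252fetc/passwd?x=1 HTTP/1.1" 404 0 "-" "curl/8.6.0"',
    '203.0.113.7 [27/Feb/2024:09:12:09 +0000] "POST /api/login HTTP/1.1" 200 64 "-" "Mozilla/5.0"',
]


def decode_path(raw: str) -> str:
    """URL-decode repeatedly (handles %2e%2e and double-encoded %252e) and normalise
    backslashes, so the traversal check sees what the server would see."""
    prev, cur = None, raw
    for _ in range(3):
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur.replace("\\", "/")


def classify_line(line: str) -> Optional[Dict[str, object]]:
    """Return a finding for a request whose decoded path contains a '..' segment, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    decoded = decode_path(m["path"].split("?", 1)[0])  # drop the query string
    if ".." not in decoded.split("/"):
        return None
    return {
        "ip": m["ip"],
        "raw_path": m["path"],
        "decoded_path": decoded,
        "normalised": normpath(decoded),  # where the traversal would land, e.g. /etc/passwd
        "status": int(m["status"]),
        "likely_success": m["status"] == "200",  # 200 on a traversal path means a file was served
    }


def scan_access_log(lines: List[str]) -> List[Dict[str, object]]:
    """Run classify_line over every line and keep only the findings."""
    return [f for f in (classify_line(line) for line in lines) if f is not None]


if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        flag = "SUCCESS?" if finding["likely_success"] else "blocked"
        print(f'{finding["ip"]} {finding["raw_path"]} -> {finding["normalised"]} [{finding["status"]}] {flag}')
```

Run the same logic over logs from the period the application was exposed, not only over current traffic: a 200 response to a traversal path is the indicator that a file was actually disclosed. If aiohttp sits behind a reverse proxy, check the proxy's logs as well, since the raw request path as sent by the attacker may only be recorded at the edge.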
 
While patching appliances or software to the newest version may protect against future exploitation, it does not remediate a historic compromise. Systems that were exposed while vulnerable should be checked for signs of file disclosure before the update was applied.

References

https://github.com/aio-libs/aiohttp/releases