ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·3/25/2022
CVE-2019-11043 added to CISA KEV: PHP FastCGI Process Manager (FPM)
Status: ✅ Confirmed exploited in the wild
Date added: 2022-03-25
Required action: Apply updates per vendor instructions.
Due date: 2022-04-15
Why this matters
In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.