BillQuick Web Suite’s severe vulnerability may affect 400K users

Threat Level – Red | Vulnerability Report
Download PDF

For a detailed advisory, download the pdf file here.

Multiple versions of BillQuick Web Suite have been found to have a critical vulnerability. Ahacker was able to get initial access to a US engineering company by exploiting this seriousvulnerability (CVE 2021 42258). It also infected the victim’s network with ransomware.This vulnerability can be addressed by upgrading BillQuick’s BQE Software to version22.0.9.1. Eight more vulnerabilities(CVE 2021 42344, CVE 2021 42345, CVE 2021 42346,CVE 2021 42571, CVE 2021 42572, CVE 2021 42573, CVE 2021 42741, CVE 2021 42742)have been uncovered, but no formal patch has been released.

Vulnerability Details


What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox