CISA tags Progress Kemp LoadMaster flaw as exploited in assaults


The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection vulnerability impacting Progress Kemp LoadMaster.

The flaw, discovered by Rhino Security Labs and tracked as CVE-2024-1212, was addressed in an update released on February 21, 2024. However, this is the first report of it being under active exploitation in the wild.

“Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution,” reads the flaw’s description.

CVE-2024-1212 (CVSS v3.1 score: 10.0, “critical”) impacts LoadMaster versions 7.2.48.1 before 7.2.48.10, 7.2.54.0 before 7.2.54.8, and 7.2.55.0 before 7.2.59.2.

LoadMaster is an application delivery controller (ADC) and load-balancing solution used by large organizations to optimize application performance, manage network traffic, and ensure high service availability.

CISA orders federal organizations using the product to apply the available updates and mitigations until December 9, 2024, or stop using it.

No details about the active exploitation activity have been published at this time, and the status of its exploitation in ransomware campaigns is marked as unknown.

The other two flaws CISA added to KEV are CVE-2024-0012 and CVE-2024-9474, an authentication bypass and an OS command injection flaw respectively, impacting the Palo Alto Networks PAN-OS management interface.

Progress Software recently fixed another maximum severity flaw in LoadMaster products that allows remote attackers to execute arbitrary commands on the device.

Identified as CVE-2024-7591, the flaw is categorized as an improper input validation problem allowing an unauthenticated, remote attacker to access LoadMaster’s management interface using a specially crafted HTTP request.

CVE-2024-7591 impacts LoadMaster version 7.2.60.0 and all earlier versions, as well as MT Hypervisor version 7.1.35.11 and all prior releases.

That said, system administrators looking to upgrade to a safe version should move to a release that addresses both maximum severity flaws in LoadMaster, even if active exploitation of CVE-2024-7591 has not been observed yet.
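Because the two LoadMaster flaws have different affected ranges (three bounded ranges for CVE-2024-1212, "7.2.60.0 and earlier" for CVE-2024-7591), a build that is patched for one can still be exposed to the other. The following is an added example, not code from Progress or from the article, that compares a LoadMaster or MT Hypervisor version string numerically against the ranges reported above and lists which of the two CVEs the build is still exposed to. The ranges are the ones the article gives; the host inventory at the bottom is constructed for illustration, and the product labels "loadmaster" and "mt-hypervisor" are this example's own naming.

```python
"""Check a Progress Kemp LoadMaster / MT Hypervisor version string against the
affected ranges the article reports for CVE-2024-1212 and CVE-2024-7591.

Added example, not Progress's code or the article's. Version ranges are copied
from the article; the sample inventory below is constructed."""

from typing import Dict, List, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """Turn '7.2.48.10' into (7, 2, 48, 10) so comparisons are numeric.

    Plain string comparison would wrongly rank '7.2.48.9' above '7.2.48.10'."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def in_range(v: Version, start: Version, before: Version) -> bool:
    """True if start <= v < before, the 'X before Y' shape used in the advisory."""
    return start <= v < before


# CVE-2024-1212: "7.2.48.1 before 7.2.48.10, 7.2.54.0 before 7.2.54.8,
# and 7.2.55.0 before 7.2.59.2" (ranges exactly as the article reports them;
# builds outside these ranges are reported as not affected by this CVE).
CVE_2024_1212_RANGES: List[Tuple[Version, Version]] = [
    (parse_version("7.2.48.1"), parse_version("7.2.48.10")),
    (parse_version("7.2.54.0"), parse_version("7.2.54.8")),
    (parse_version("7.2.55.0"), parse_version("7.2.59.2")),
]

# CVE-2024-7591: LoadMaster "7.2.60.0 and all earlier versions",
# MT Hypervisor "7.1.35.11 and all prior releases". Product keys are
# this example's own labels (assumption, not vendor naming).
CVE_2024_7591_MAX_AFFECTED: Dict[str, Version] = {
    "loadmaster": parse_version("7.2.60.0"),
    "mt-hypervisor": parse_version("7.1.35.11"),
}


def affected_by_cve_2024_1212(version: str) -> bool:
    """LoadMaster only: is the build inside one of the three reported ranges?"""
    v = parse_version(version)
    return any(in_range(v, start, before) for start, before in CVE_2024_1212_RANGES)


def affected_by_cve_2024_7591(version: str, product: str = "loadmaster") -> bool:
    """Is the build at or below the highest affected release for this product?"""
    v = parse_version(version)
    return v <= CVE_2024_7591_MAX_AFFECTED[product]


def assess(version: str, product: str = "loadmaster") -> List[str]:
    """Return the CVEs from the article that the given build is still exposed to."""
    exposures: List[str] = []
    if product == "loadmaster" and affected_by_cve_2024_1212(version):
        exposures.append("CVE-2024-1212")
    if affected_by_cve_2024_7591(version, product):
        exposures.append("CVE-2024-7591")
    return exposures


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and builds are illustrative only.
    inventory = [
        ("lb-edge-01", "loadmaster", "7.2.48.9"),    # exposed to both CVEs
        ("lb-edge-02", "loadmaster", "7.2.54.8"),    # fixed for 1212, not 7591
        ("lb-core-01", "loadmaster", "7.2.59.2"),    # fixed for 1212, not 7591
        ("lb-core-02", "loadmaster", "7.2.61.0"),    # above both reported ranges
        ("hv-01", "mt-hypervisor", "7.1.35.11"),     # exposed to 7591
    ]
    for host, product, ver in inventory:
        found = assess(ver, product) or ["none from this article"]
        print(f"{host:12} {product:14} {ver:10} -> {', '.join(found)}")
```

The check deliberately mirrors the article's wording: a LoadMaster build that sits between the reported CVE-2024-1212 ranges is reported as not affected by that CVE, and any build at or below 7.2.60.0 is flagged for CVE-2024-7591, which is why every 7.2.48.10 / 7.2.54.8 / 7.2.59.2 fix release still shows one exposure and the article's advice to move to a release covering both flaws holds.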
