

Ethical Hacking News

CISA Issues Warning: Progress Kemp LoadMaster Flaw Exploited in Wild Attacks


The US Cybersecurity & Infrastructure Security Agency (CISA) has warned that a Progress Kemp LoadMaster flaw is being exploited in attacks. The critical OS command injection vulnerability allows an unauthenticated, remote attacker to reach the system through the LoadMaster management interface and execute arbitrary system commands.

  • The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability in the Progress Kemp LoadMaster application delivery controller.
  • The vulnerability, CVE-2024-1212, allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface and execute arbitrary system commands.
  • The flaw impacts LoadMaster versions 7.2.48.1 before 7.2.48.10, 7.2.54.0 before 7.2.54.8, and 7.2.55.0 before 7.2.59.2.
  • CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, indicating it's being actively exploited by attackers in the wild.
  • Progress Software has also fixed a second maximum-severity flaw in LoadMaster, CVE-2024-7591, which affects LoadMaster and MT Hypervisor releases.
  • System administrators are advised to upgrade to a release that addresses both flaws, even though exploitation of CVE-2024-7591 has not yet been observed.



    The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has issued a warning regarding a critical vulnerability in the Progress Kemp LoadMaster application delivery controller and load balancer that is currently being exploited in attacks. The vulnerability, tracked as CVE-2024-1212 and reported by Rhino Security Labs, is an OS command injection flaw that allows an unauthenticated, remote attacker to reach the system through the LoadMaster management interface and execute arbitrary system commands.

    The flaw affects LoadMaster versions 7.2.48.1 before 7.2.48.10, 7.2.54.0 before 7.2.54.8, and 7.2.55.0 before 7.2.59.2; the first fixed release in each branch is therefore 7.2.48.10, 7.2.54.8 and 7.2.59.2 respectively. Exploitation requires only a specially crafted HTTP request to the management interface, with no credentials, so appliances whose management interface is reachable from untrusted networks are the most exposed.

    CISA has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, the agency's list of flaws for which it has evidence of active exploitation in the wild. KEV entries carry remediation deadlines for U.S. federal civilian agencies under CISA's Binding Operational Directive 22-01, and many private-sector teams use the catalog as a patching priority list.

    Progress Software has also recently fixed a second maximum-severity flaw in LoadMaster, tracked as CVE-2024-7591, that allows a remote attacker to execute arbitrary commands on the device. It affects LoadMaster version 7.2.60.0 and all prior releases, as well as MT Hypervisor version 7.1.35.11 and all prior releases.

    System administrators are advised to move to a release that addresses both maximum-severity flaws, even though active exploitation of CVE-2024-7591 has not yet been observed. Because CVE-2024-1212 is reachable without credentials and is already being exploited, appliances that ran an affected version with an exposed management interface should also be reviewed for signs of compromise, not only patched.
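    To turn the version ranges above into something an administrator can run against an inventory, here is an added example (not Progress, CISA or Rhino Security Labs code) that encodes the affected ranges exactly as this article states them and flags which appliances need upgrading. The hostnames and the inventory, including the 7.2.61.0 entry, are constructed for illustration. The article names no fixed release for CVE-2024-7591, so the script can only flag the stated ranges; "not in any listed range" means the article's ranges do not cover that version, not that the device is confirmed patched.

```python
"""Triage a LoadMaster / MT Hypervisor inventory against the affected version
ranges this article gives for CVE-2024-1212 and CVE-2024-7591.

Added example, not Progress or CISA tooling. The inventory below is constructed.
"""
from dataclasses import dataclass
from typing import Optional

Version = tuple[int, ...]


def parse_version(text: str) -> Version:
    """'7.2.54.3' -> (7, 2, 54, 3). Pads to four components so '7.2.59'
    compares as 7.2.59.0, matching how the article writes its ranges."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts]
    nums += [0] * (4 - len(nums))
    return tuple(nums)


@dataclass(frozen=True)
class AffectedRange:
    product: str
    low: Optional[Version]  # inclusive lower bound; None means "all prior releases"
    high: Version           # upper bound
    high_inclusive: bool    # True for "X and all previous", False for "before X"

    def contains(self, v: Version) -> bool:
        if self.low is not None and v < self.low:
            return False
        return v <= self.high if self.high_inclusive else v < self.high


def before(product: str, low: str, high: str) -> AffectedRange:
    """Range of the form 'low before high' (high is the first fixed release)."""
    return AffectedRange(product, parse_version(low), parse_version(high), False)


def up_to(product: str, high: str) -> AffectedRange:
    """Range of the form 'high and all previous versions'."""
    return AffectedRange(product, None, parse_version(high), True)


# Affected ranges exactly as stated in the article.
AFFECTED: dict[str, list[AffectedRange]] = {
    "CVE-2024-1212": [
        before("LoadMaster", "7.2.48.1", "7.2.48.10"),
        before("LoadMaster", "7.2.54.0", "7.2.54.8"),
        before("LoadMaster", "7.2.55.0", "7.2.59.2"),
    ],
    "CVE-2024-7591": [
        up_to("LoadMaster", "7.2.60.0"),
        up_to("MT Hypervisor", "7.1.35.11"),
    ],
}


def exposed_cves(product: str, version: str) -> list[str]:
    """CVE IDs whose stated affected ranges include this product/version."""
    v = parse_version(version)
    return [cve for cve, ranges in AFFECTED.items()
            if any(r.product == product and r.contains(v) for r in ranges)]


def triage(inventory) -> dict[str, list[str]]:
    """inventory: iterable of (hostname, product, version) -> {hostname: [cve, ...]}."""
    return {host: exposed_cves(product, version) for host, product, version in inventory}


# Constructed sample inventory; hostnames and versions are made up for illustration.
SAMPLE_INVENTORY = [
    ("lb-edge-01", "LoadMaster", "7.2.54.3"),      # inside a CVE-2024-1212 range and <= 7.2.60.0
    ("lb-edge-02", "LoadMaster", "7.2.59.2"),      # first fixed release of its branch for CVE-2024-1212
    ("lb-edge-03", "LoadMaster", "7.2.50.0"),      # between the listed branches; only CVE-2024-7591 applies
    ("lb-edge-04", "LoadMaster", "7.2.61.0"),      # hypothetical version newer than anything the article lists
    ("mt-hv-01", "MT Hypervisor", "7.1.35.11"),
    ("mt-hv-02", "MT Hypervisor", "7.1.35.12"),
]

if __name__ == "__main__":
    for host, cves in triage(SAMPLE_INVENTORY).items():
        status = "exposed: " + ", ".join(cves) if cves else "not in any listed affected range"
        print(f"{host:12} {status}")
```

    Feed `triage()` whatever produces (hostname, product, version) tuples in your environment, for example a CMDB export. The half-open `before()` ranges reproduce the article's "X before Y" wording, so the first fixed release of each branch is correctly reported as not affected by CVE-2024-1212, while the inclusive `up_to()` ranges capture "version X and all prior releases" for CVE-2024-7591.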

    The CISA warning is a reminder to apply security patches promptly and to keep appliance management interfaces off untrusted networks, since flaws of this kind are exploited without credentials.



    Related Information:

  • https://www.bleepingcomputer.com/news/security/cisa-tags-progress-kemp-loadmaster-flaw-as-exploited-in-attacks/

  • https://www.cisa.gov/news-events/alerts/2024/11/18/cisa-adds-three-known-exploited-vulnerabilities-catalog

  • https://www.hendryadrian.com/cisa-warns-of-actively-exploited-vulnerabilities-in-kemp-loadmaster-and-palo-alto-networks-pan-os/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-1212

  • https://www.cvedetails.com/cve/CVE-2024-1212/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-7591

  • https://www.cvedetails.com/cve/CVE-2024-7591/


  • Published: Tue Nov 19 17:49:20 2024 by llama3.2 3B Q4_K_M

    © Ethical Hacking News . All rights reserved.
