Cyber Security Alert - Progress Addresses Critical Remote Code Execution Vulnerability

Summary

On 04-Sep-2024, Progress Software Corporation issued a security advisory to address a critical vulnerability affecting its LoadMaster application delivery controller (ADC) load balancing solution and the LoadMaster Multi-Tenant (MT) Hypervisor. If exploited, this improper input validation vulnerability could allow unauthenticated remote attackers to execute arbitrary system commands via the LoadMaster management interface.

LoadMaster is an application delivery controller (ADC) and load-balancing solution used by large organisations to optimise application performance, manage network traffic, and ensure high service availability.

The MT Hypervisor is a version of LoadMaster designed for multi-tenant environments, allowing multiple virtual network functions to run on the same hardware.

We strongly recommend that organisations running affected product versions upgrade to the latest supported software versions as soon as possible.

What is the Vulnerability?

We are providing the CVSS score assigned by NIST and the severity rating assigned by the vendor at the time of disclosure.

· CVE-2024-7591 – CVSS 10.0 CRITICAL – Progress LoadMaster Improper Input Validation Vulnerability – An improper input validation vulnerability could allow attackers to inject OS commands through crafted HTTP requests targeting the LoadMaster management interface. If exploited, it enables a malicious actor to execute commands on the underlying operating system without authentication.

Weakness Enumeration: CWE-20 - Improper Input Validation

What is Vulnerable?

· LoadMaster

  o Version 7.2.60.0 and all prior versions

  o Multi-Tenant LoadMaster (LoadMaster MT): the individual instantiated LoadMaster VNFs and the MT hypervisor or Manager node

· Multi-Tenant Hypervisor

  o Version 7.1.35.11 and all prior versions

Recommendations

· Review the LoadMaster Security Vulnerability CVE-2024-7591 advisory.

· Identify the vulnerable product versions within your environment.

  o If identified, install the updated add-on package from Progress Software.

    § Install it using the controls on the System Configuration > System Administration > Update Software UI page.

    § Follow the security hardening guidelines.

  o Monitor network traffic for any signs of unusual activity that could indicate attempted exploitation.

· For additional detail, log in to open a new Technical Support case.
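As an added example for the "identify the vulnerable product versions" step (not code from the advisory or from Progress), the Python below compares installed versions numerically against the affected thresholds listed above and flags entries that need the update. The inventory, hostnames and product labels are constructed sample data.

```python
from typing import List, Tuple

# Highest affected version per product, taken from the advisory above.
# Every version at or below these thresholds is treated as vulnerable.
AFFECTED_THRESHOLDS = {
    "LoadMaster": "7.2.60.0",
    "Multi-Tenant Hypervisor": "7.1.35.11",
}


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a dotted version string into a tuple of ints so that
    7.2.60.0 sorts above 7.2.9.0 (plain string comparison gets this wrong)."""
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(product: str, version: str) -> bool:
    """True when the installed version is at or below the affected threshold.
    An unknown product raises rather than silently passing as safe."""
    threshold = AFFECTED_THRESHOLDS[product]
    return parse_version(version) <= parse_version(threshold)


def triage(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str]]:
    """Return the (host, product, version) entries that still need the update."""
    return [entry for entry in inventory if is_vulnerable(entry[1], entry[2])]


# Constructed sample inventory: hostnames and versions are made up for the demo.
SAMPLE_INVENTORY = [
    ("lb-01.example.internal", "LoadMaster", "7.2.60.0"),
    ("lb-02.example.internal", "LoadMaster", "7.2.61.0"),
    ("lb-03.example.internal", "LoadMaster", "7.2.9.0"),
    ("mt-01.example.internal", "Multi-Tenant Hypervisor", "7.1.35.11"),
    ("mt-02.example.internal", "Multi-Tenant Hypervisor", "7.1.35.12"),
]

if __name__ == "__main__":
    for host, product, version in triage(SAMPLE_INVENTORY):
        print(f"{host}: {product} {version} is affected by CVE-2024-7591; apply the add-on package")
```

Because the vendor fix ships as an add-on package rather than a new base version, confirm on the Update Software page that the package is actually installed even on hosts this script reports as at the threshold.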



Words of Estimative Probability (WEPs)

Certain words are used within intelligence products to convey analytical judgement regarding the probability of a development or event occurring. Our judgements are not factual statements; they reflect the best understanding of a scenario or situation at a point in time based on available information.

This diagram shows the relationships between the estimative terms and how they correspond to approximate ranges of likelihood:
