CISA tags Progress Kemp LoadMaster flaw as exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection vulnerability impacting Progress Kemp LoadMaster.

The flaw, discovered by Rhino Security Labs and tracked as CVE-2024-1212, was addressed via an update released on February 21, 2024. However, this is the first report of it being under active exploitation in the wild.

“Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management interface, enabling arbitrary system command execution,” reads the flaw’s description.

CVE-2024-1212 (CVSS v3.1 score: 10.0, "critical") impacts LoadMaster versions 7.2.48.1 before 7.2.48.10, 7.2.54.0 before 7.2.54.8, and 7.2.55.0 before 7.2.59.2.

LoadMaster is an application delivery controller (ADC) and load-balancing solution used by large organizations to optimize app performance, manage network traffic, and ensure high service availability.

CISA orders federal organizations using the product to apply the available updates and mitigations by December 9, 2024, or stop using it.

No details about the active exploitation activity have been published at this time, and the status of its exploitation in ransomware campaigns is marked as unknown.

The other two flaws CISA added to KEV are CVE-2024-0012 and CVE-2024-9474, an authentication bypass and an OS command injection flaw respectively, impacting the Palo Alto Networks PAN-OS Management Interface.

Progress Software recently fixed another max-severity flaw in LoadMaster products that allows remote attackers to execute arbitrary commands on the system.

Identified as CVE-2024-7591, the flaw is categorized as an improper input validation problem allowing an unauthenticated, remote attacker to access LoadMaster's management interface using a specially crafted HTTP request.

CVE-2024-7591 impacts LoadMaster version 7.2.60.0 and all earlier versions, as well as MT Hypervisor version 7.1.35.11 and all prior releases.

That said, system administrators looking to upgrade to a safe version should move to a release that addresses both max-severity flaws in LoadMaster, even if active exploitation of CVE-2024-7591 has not been observed yet.
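To turn the affected ranges above into a quick inventory check, here is an added Python example (not code from the article or from Progress). It encodes only the version ranges the article lists, assumes versions are dotted numerics with up to four fields, and treats anything newer than the stated CVE-2024-7591 ceiling as outside that CVE's range.

```python
# Added example, not code from the article or from Progress: flags a
# Progress Kemp LoadMaster (or MT Hypervisor) version against the affected
# ranges the article states for CVE-2024-1212 and CVE-2024-7591.
from typing import List, Tuple

def parse_version(s: str) -> Tuple[int, ...]:
    """Turn '7.2.54.3' into (7, 2, 54, 3); missing trailing fields become 0
    so that tuples of equal length compare numerically."""
    parts = [int(p) for p in s.strip().split(".")]
    if not parts or len(parts) > 4:
        raise ValueError(f"unexpected version format: {s!r}")
    return tuple(parts + [0] * (4 - len(parts)))

# CVE-2024-1212: per-branch ranges from the article, as [first affected, fixed).
CVE_2024_1212_RANGES = [
    ("7.2.48.1", "7.2.48.10"),
    ("7.2.54.0", "7.2.54.8"),
    ("7.2.55.0", "7.2.59.2"),
]

# CVE-2024-7591: the stated version and every earlier release is affected.
CVE_2024_7591_MAX_AFFECTED = {
    "LoadMaster": "7.2.60.0",
    "MT Hypervisor": "7.1.35.11",
}

def affected_cves(version: str, product: str = "LoadMaster") -> List[str]:
    """Return the CVEs from the article that apply to this product/version."""
    v = parse_version(version)
    hits: List[str] = []
    # The article describes CVE-2024-1212 for LoadMaster only.
    if product == "LoadMaster":
        for first, fixed in CVE_2024_1212_RANGES:
            if parse_version(first) <= v < parse_version(fixed):
                hits.append("CVE-2024-1212")
                break
    ceiling = CVE_2024_7591_MAX_AFFECTED.get(product)
    if ceiling is not None and v <= parse_version(ceiling):
        hits.append("CVE-2024-7591")
    return hits

if __name__ == "__main__":
    # Constructed sample inventory: note that a CVE-2024-1212 fix release such
    # as 7.2.48.10 still falls inside the CVE-2024-7591 affected range, which is
    # why the article recommends moving to a release that addresses both flaws.
    for host, ver in [("lb-01", "7.2.54.3"), ("lb-02", "7.2.48.10"), ("lb-03", "7.2.60.1")]:
        print(host, ver, affected_cves(ver) or "none of the listed CVEs")
```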
