Progress Software program Points Patch for Vulnerability in LoadMaster and MT Hypervisor

Sep 09, 2024Ravie LakshmananVulnerability / Enterprise Safety

Progress Software program has launched safety updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that might outcome within the execution of arbitrary working system instructions.

Tracked as CVE-2024-7591 (CVSS rating: 10.0), the vulnerability has been described as an improper enter validation bug that leads to OS command injection.

“It is possible for unauthenticated, remote attackers who have access to the management interface of LoadMaster to issue a carefully crafted http request that will allow arbitrary system commands to be executed,” the corporate mentioned in an advisory final week.

“This vulnerability has been closed by sanitizing request user input to mitigate arbitrary system commands execution.”

Cybersecurity

The flaw impacts the next variations –

  • LoadMaster (7.2.60.0 and all prior variations)
  • Multi-Tenant Hypervisor (7.1.35.11 and all prior variations)

Safety researcher Florian Grunow has been credited with discovering and reporting the flaw. Progress mentioned it has discovered no proof of the vulnerability being exploited within the wild.

That mentioned, it is really helpful that customers apply the most recent fixes as quickly as doable by downloading an add-on package deal. The replace may be put in by navigating to System Configuration > System Administration > Replace Software program.

“We are encouraging all customers to upgrade their LoadMaster implementations as soon as possible to harden their environment,” the corporate mentioned. “We additionally strongly advocate that clients observe our safety hardening tips.”

Discovered this text attention-grabbing? Observe us on Twitter and LinkedIn to learn extra unique content material we publish.

Recent articles

Patch Alert: Essential Apache Struts Flaw Discovered, Exploitation Makes an attempt Detected

Dec 18, 2024Ravie LakshmananCyber Assault / Vulnerability Risk actors are...

Meta Fined €251 Million for 2018 Knowledge Breach Impacting 29 Million Accounts

Dec 18, 2024Ravie LakshmananKnowledge Breach / Privateness Meta Platforms, the...