Source: www.securityweek.com – Author: Eduard Kovacs
CISA this week warned organizations that it’s aware of attacks exploiting a vulnerability in Progress Software’s Kemp LoadMaster.
The product, an application delivery controller (ADC) and load balancer, is affected by a critical vulnerability tracked as CVE-2024-1212, which CISA has added to its Known Exploited Vulnerabilities (KEV) catalog.
The flaw has been described as an unauthenticated command injection issue affecting the Kemp LoadMaster web-based administration interface. An attacker can exploit the vulnerability to fully compromise a targeted appliance.
Progress announced a patch for the vulnerability on February 7.
The flaw was discovered by Rhino Security Labs, which disclosed technical details on March 19, when it also made available a PoC exploit and a Metasploit module. Another exploitation path was made public in early April by Tenable.
CISA has not released any information on the attacks exploiting CVE-2024-1212 and there do not appear to be any recent reports describing exploitation.
However, SonicWall published a blog post on March 27, which mentioned that the company had seen thousands of attempts to exploit the vulnerability in late March.
SonicWall initially said it had “confirmed active exploitation”, but later updated its post to clarify that it had actually only seen exploitation attempts, not successful attacks.
It’s unclear if CISA has added CVE-2024-1212 to its KEV catalog based on the old SonicWall report or if it has more recent information.
CISA previously warned organizations about other Progress product vulnerabilities being exploited in attacks, including ones affecting WhatsUp Gold and Telerik.
Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
Original Post URL: https://www.securityweek.com/cisa-warns-of-progress-kemp-loadmaster-vulnerability-exploitation/
Category & Tags: Vulnerabilities, ADC, CISA KEV, exploited, Kemp LoadMaster