Critical Progress LoadMaster Vulnerability – Attackers Execute Arbitrary Code


A critical vulnerability has been identified in the LoadMaster product line, including all LoadMaster releases and the LoadMaster Multi-Tenant (MT) hypervisor.

This vulnerability, which is cataloged as CVE-2024-7591, could allow unauthenticated, remote attackers to execute arbitrary code on affected systems.


Although no exploitation of this vulnerability has been reported to date, customers are urged to take immediate action to secure their systems.

Understanding CVE-2024-7591

The vulnerability in question, CVE-2024-7591, arises from improper input validation on the LoadMaster management interface. An attacker with access to this interface could send a specially crafted HTTP request, enabling the execution of arbitrary system commands.

This flaw could compromise the entire system’s security, making it imperative that users address the issue promptly. The vulnerability affects all versions of LoadMaster up to 7.2.60.0 and the Multi-Tenant Hypervisor up to 7.1.35.11.

The vulnerability affects both the individual instantiated LoadMaster Virtual Network Functions (VNFs) and the MT hypervisor or Manager node.

To mitigate the risk posed by this vulnerability, Progress has released an add-on package designed to sanitize user input and prevent the execution of arbitrary commands.

This patch, which includes an XML validation file, was made available on September 3, 2024, for all affected versions of LoadMaster, regardless of whether the unit’s support has expired.
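The advisory describes the flaw only as improper input validation on the management interface leading to arbitrary system commands, and the fix as sanitizing user input. The block below is an added, generic illustration of that pattern and its remedy, not LoadMaster code or Progress's patch: a hypothetical management handler that passes a request parameter to a diagnostic command, first in the injectable form and then hardened with allow-list validation and a shell-free argv call. The endpoint, parameter name and `ping` diagnostic are assumptions for the example.

```python
"""Added illustration (not LoadMaster code): the command-injection shape that
"improper input validation" on a management interface produces, beside the
allow-list validation and shell-free execution that close it.
All names here are hypothetical."""
import re
import subprocess
from typing import List

# Strict hostname allow-list: labels of letters, digits and hyphens joined by
# dots, 253 chars max. Anything else (spaces, ';', '|', '$', newlines) is rejected.
_HOSTNAME_RE = re.compile(
    r"(?=.{1,253}\Z)[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*"
)


def build_command_vulnerable(host: str) -> str:
    """Vulnerable form: the untrusted request parameter is interpolated into a
    shell command string, so any shell metacharacter in `host` changes what
    the shell executes. Nothing here validates the parameter."""
    return f"ping -c 1 {host}"


def validate_hostname(host: str) -> str:
    """Allow-list check: return the value unchanged if it is a syntactically
    valid hostname, otherwise refuse the request."""
    if not _HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"rejected hostname parameter: {host!r}")
    return host


def build_command_hardened(host: str) -> List[str]:
    """Hardened form: validate first, then build an argv list. The list is
    handed to the OS directly (no shell), so even a value that slipped past
    validation would reach ping as a single literal argument."""
    return ["ping", "-c", "1", validate_hostname(host)]


def run_hardened(host: str, timeout: float = 5.0) -> int:
    """Execute the hardened command without a shell and return its exit code.
    Kept separate from the builders so the pure logic can be tested offline."""
    result = subprocess.run(
        build_command_hardened(host),
        shell=False,          # argv semantics: no metacharacter interpretation
        timeout=timeout,
        capture_output=True,
        check=False,
    )
    return result.returncode
```

The two builders differ in exactly the way the advisory's fix description implies: the hardened path refuses input outside an allow-list and never lets a shell parse the parameter, whereas the vulnerable path trusts the request verbatim.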


Users are strongly encouraged to download and install this add-on package immediately. The installation can be performed through the System Configuration > System Administration > Update Software UI page.

Update Details and Recommendations

The following table outlines the affected and patched versions:

Product                    Affected Versions      Patched Versions    Release Date
LoadMaster                 7.2.60.0 and prior     Add-on Package      Sep 03, 2024
Multi-Tenant Hypervisor    7.1.35.11 and prior    Add-on Package      Sep 03, 2024
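Because the fix ships as an add-on package rather than a new release number, a fleet check has to combine the version ceiling from the table with whether the add-on has actually been installed. The script below is an added example, not a Progress tool: it compares dotted version strings numerically (so 7.2.9.0 correctly sorts below 7.2.60.0) against the ceilings stated above and lists the units that still need the package. The inventory rows and hostnames are constructed for the example.

```python
"""Added triage helper (not a Progress tool). The version ceilings are the ones
stated in the advisory; the inventory format and hostnames are constructed."""
from typing import Iterable, List, Tuple

# Highest affected version per product, as stated in the advisory table.
AFFECTED_UP_TO = {
    "LoadMaster": (7, 2, 60, 0),
    "Multi-Tenant Hypervisor": (7, 1, 35, 11),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '7.2.59.2' into (7, 2, 59, 2). Comparing tuples of ints orders
    versions numerically, whereas comparing the raw strings would put
    '7.2.9.0' after '7.2.60.0'."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(product: str, version: str) -> bool:
    """True if `version` is at or below the advisory's ceiling for `product`.
    Shorter tuples are zero-padded so '7.2.60' equals '7.2.60.0'."""
    limit = AFFECTED_UP_TO[product]
    v = parse_version(version)
    width = max(len(v), len(limit))
    v = v + (0,) * (width - len(v))
    limit = limit + (0,) * (width - len(limit))
    return v <= limit


def triage(inventory: Iterable[Tuple[str, str, str, bool]]) -> List[str]:
    """inventory rows: (unit_name, product, version, addon_installed).
    Returns the unit names that are in the affected range and do not yet
    have the add-on package applied."""
    return [
        name
        for name, product, version, addon in inventory
        if is_affected(product, version) and not addon
    ]


# Constructed sample inventory; names and add-on status are invented.
SAMPLE_INVENTORY = [
    ("lb-edge-01", "LoadMaster", "7.2.60.0", False),
    ("lb-edge-02", "LoadMaster", "7.2.60.0", True),
    ("lb-core-01", "LoadMaster", "7.2.9.0", False),
    ("mt-hv-01", "Multi-Tenant Hypervisor", "7.1.35.11", False),
]

if __name__ == "__main__":
    for unit in triage(SAMPLE_INVENTORY):
        print(f"{unit}: add-on package still required")
```

The add-on status column is the important one: a unit already on 7.2.60.0 is still affected until the package is installed via System Configuration > System Administration > Update Software.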

In addition to applying the patch, Progress recommends that all customers follow security hardening guidelines to protect their systems further.

These guidelines provide best practices for securing LoadMaster environments and minimizing potential vulnerabilities.

Customer Advisory and Support

While there have been no confirmed exploits of this vulnerability, Progress is taking a proactive approach to ensure customer safety.

The company advises all users to subscribe to announcement notifications via the Support Portal to receive timely updates on significant product developments.

For those with questions or concerns regarding this issue, Progress offers technical support to all LoadMaster customers with a current support contract.

Customers without an active support contract are encouraged to contact their Sales Account Manager for assistance.

The discovery of CVE-2024-7591 underscores the importance of maintaining robust security protocols and staying informed about potential vulnerabilities.

By addressing this issue promptly and following recommended security practices, LoadMaster users can protect their systems from possible threats.

As the cybersecurity landscape evolves, staying vigilant and proactive is essential for safeguarding digital assets.

Progress’s swift response to this vulnerability highlights its commitment to customer security and the ongoing effort to enhance the resilience of its products.
