HomeVulnerabilityVMware vCenter and Kemp LoadMaster Flaws Underneath Energetic Exploitation

VMware vCenter and Kemp LoadMaster Flaws Underneath Energetic Exploitation

Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come beneath energetic exploitation within the wild, it has emerged.

The U.S. Cybersecurity and Infrastructure Safety Company (CISA) on Monday added CVE-2024-1212 (CVSS rating: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Identified Exploited Vulnerabilities (KEV) catalog. It was addressed by Progress Software program again in February 2024.

“Progress Kemp LoadMaster incorporates an OS command injection vulnerability that enables an unauthenticated, distant attacker to entry the system by the LoadMaster administration interface, enabling arbitrary system command execution,” the company mentioned.

Cybersecurity

Rhino Safety Labs, which found and reported the flaw, mentioned profitable exploitation permits command execution on LoadMaster ought to an attacker have entry to the administrator net person interface, granting them full entry to the load balancer.

CISA’s addition of CVE-2024-1212 coincides with a warning from Broadcom that attackers at the moment are exploiting two security flaws within the VMware vCenter Server, which had been demonstrated on the Matrix Cup cybersecurity competitors held in China earlier this yr.

See also  Juniper Networks Releases Essential Safety Replace for Routers

The issues, CVE-2024-38812 (CVSS rating: 9.8) and CVE-2024-38813 (CVSS rating: 7.5), had been initially resolved in September 2024, though the corporate rolled out fixes for the previous a second-time final month, stating the earlier patches “didn’t absolutely deal with” the issue.

  • CVE-2024-38812 – A heap-overflow vulnerability within the implementation of the DCERPC protocol that might allow a malicious actor with community entry to acquire distant code execution
  • CVE-2024-38813 – A privilege escalation vulnerability that might allow a malicious actor with community entry to escalate privileges to root
Cybersecurity

Whereas there are at present no particulars on the noticed exploitation of those vulnerabilities in real-world assaults, CISA is recommending that Federal Civilian Government Department (FCEB) businesses remediate CVE-2024-1212 by December 9, 2024, to safe their networks.

The event comes days after Sophos revealed that cybercrime actors are actively weaponizing a essential flaw in Veeam Backup & Replication (CVE-2024-40711, CVSS rating: 9.8) to deploy a beforehand undocumented ransomware referred to as Frag.

See also  What's the CIA triad? A principled framework for outlining infosec insurance policies

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular