Progress discloses second critical flaw in Telerik Report Server in as many months

July 26, 2024 at 09:37AM

Progress Software’s latest security advisory warns of CVE-2024-6327, a critical vulnerability in Telerik Report Server that can lead to remote code execution on versions prior to 10.1.24.709. The concern is heightened because a similar Telerik vulnerability was successfully exploited in earlier attacks. A second vulnerability, CVE-2024-6096 in Telerik Reporting, also poses a serious risk and likewise requires a version upgrade to fix.

Key takeaways from the advisory:

1. Progress Software has issued a security advisory about critical vulnerabilities affecting its Telerik Report Server.

2. CVE-2024-6327, an insecure deserialization vulnerability with a CVSS score of 9.9, can lead to remote code execution (RCE) on servers running any version prior to 10.1.24.709.

3. CVE-2019-18935, an earlier vulnerability in Telerik UI for ASP.NET AJAX (also a .NET deserialization flaw), was used by attackers to target US federal agencies.

4. An earlier 9.8-rated vulnerability in Telerik Report Server, CVE-2024-4358, allowed attackers to bypass authentication and create administrator accounts for themselves.

5. Progress also disclosed a second vulnerability, CVE-2024-6096, affecting Telerik Reporting; it could lead to RCE through an object injection attack.

6. Users are advised to upgrade to the fixed versions, as no workarounds or other mitigations are available; upgrading is the only remediation.
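Because upgrading is the only remediation, the practical first step is to find every Report Server build in the estate that is older than the fixed version named in the advisory. The script below is an added example, not Progress code: it compares installed version strings against 10.1.24.709 numerically (a plain string comparison would wrongly rank "9.2.24.130" above "10.1.24.709"), and the inventory it runs over is constructed with invented hostnames and versions. How you collect the installed version from each host is left to your own inventory tooling.

```python
"""Triage a constructed inventory of Telerik Report Server hosts against the
fixed build for CVE-2024-6327.  Added example; not code from Progress."""
from __future__ import annotations

# Fixed version stated in the advisory: all versions prior to this are affected.
FIXED_REPORT_SERVER = "10.1.24.709"

# Constructed sample inventory (hostnames and versions are invented).
SAMPLE_INVENTORY: dict[str, str] = {
    "rpt-01.example.internal": "9.2.24.130",
    "rpt-02.example.internal": "10.0.24.305",
    "rpt-03.example.internal": "10.1.24.709",
    "rpt-04.example.internal": "unknown",
}


def parse_version(version: str) -> tuple[int, ...]:
    """Turn '10.1.24.709' into (10, 1, 24, 709) so comparison is numeric.

    Lexical comparison is the classic mistake here: as strings,
    '9.2.24.130' > '10.1.24.709' because '9' > '1'.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {version!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(installed: str, fixed: str = FIXED_REPORT_SERVER) -> bool:
    """True when the installed build is strictly older than the fixed build.

    Tuple comparison handles differing lengths sensibly:
    (10, 1, 24) < (10, 1, 24, 709), so a truncated build string is still
    treated as older than the fix rather than silently passing.
    """
    return parse_version(installed) < parse_version(fixed)


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Split hosts into those needing an upgrade, those already fixed, and
    those whose reported version could not be parsed (treat as suspect)."""
    result: dict[str, list[str]] = {"upgrade": [], "ok": [], "unparseable": []}
    for host, version in sorted(inventory.items()):
        try:
            bucket = "upgrade" if is_vulnerable(version) else "ok"
        except ValueError:
            bucket = "unparseable"
        result[bucket].append(host)
    return result


if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket:>11}: {', '.join(hosts) or '-'}")
```

Hosts in the "unparseable" bucket deserve a manual look rather than being assumed safe; an inventory agent that cannot read the version is exactly the host most likely to be forgotten during the upgrade.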

These takeaways highlight the critical severity of the vulnerabilities and the importance of upgrading promptly to protect against exploitation.