July 26, 2024 at 10:39AM
Progress Software has alerted users to a critical-severity vulnerability (CVE-2024-6327) in its Telerik Report Server product that enables remote code execution. Version 2024 Q2 (10.1.24.709) addresses the flaw, and the company urges users to update immediately. As a temporary mitigation, the user under which the Report Server Application Pool runs can be changed to one with limited permissions. Threat actors have exploited similar Telerik vulnerabilities in the past, which is why swift action is advised.
Key takeaways from the advisory:
– Progress Software issued an advisory about a critical-severity vulnerability in its Telerik Report Server product that could be exploited for remote code execution (RCE).
– The vulnerability, tracked as CVE-2024-6327 with a CVSS score of 9.9/10, is an insecure deserialization flaw affecting Telerik instances prior to 2024 Q2 (10.1.24.709).
– Progress has addressed the issue in Telerik Report Server version 2024 Q2 (10.1.24.709) and recommends updating deployments to this version as soon as possible to remove the vulnerability.
– As a temporary mitigation, administrators could change the user for the Report Server Application Pool to one with limited permissions.
– Telerik Report Server users are advised to update their instances as soon as possible due to known exploitation of Telerik vulnerabilities by threat actors.
– Progress patched another critical flaw in the server last month, and the US cybersecurity agency CISA warned of its exploitation less than ten days later.
In summary, users of Telerik Report Server should update to version 2024 Q2 (10.1.24.709) or later to address the critical vulnerability, and apply the temporary mitigation provided by Progress until the upgrade is complete. The company strongly recommends upgrading to the latest version to mitigate the risk.
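An added example (not code from Progress or the advisory) of how an administrator could check the two points above on a Windows/IIS host: whether the installed Report Server build is older than the fixed version 10.1.24.709, and whether its application pool still runs under a high-privilege identity. The application pool name and the installed version are passed in as parameters; the pool name shown in the usage call is an assumed placeholder, not a value taken from the advisory.

```powershell
# Checks a Telerik Report Server deployment against the CVE-2024-6327 advisory:
#  1. installed version older than the fixed build 10.1.24.709 -> update required
#  2. application pool identity -> flag high-privilege identities
# Requires the IIS WebAdministration module (ships with IIS on Windows Server).
function Test-TelerikReportServerAdvisory {
    param(
        [Parameter(Mandatory)][string]$InstalledVersion,  # e.g. taken from the product's About page
        [Parameter(Mandatory)][string]$AppPoolName         # name of the Report Server application pool
    )
    $fixed = [version]'10.1.24.709'   # fixed version from the advisory
    $result = [ordered]@{
        InstalledVersion = $InstalledVersion
        NeedsUpdate      = ([version]$InstalledVersion -lt $fixed)
        AppPoolIdentity  = $null
        HighPrivilege    = $false
        Findings         = @()
    }
    if ($result.NeedsUpdate) {
        $result.Findings += "Version $InstalledVersion is older than $fixed; update to 2024 Q2 or later."
    }

    Import-Module WebAdministration -ErrorAction Stop
    $pool = Get-Item "IIS:\AppPools\$AppPoolName" -ErrorAction Stop
    $identity = [string]$pool.processModel.identityType
    # SpecificUser means a custom account; report which one so it can be reviewed.
    if ($identity -eq 'SpecificUser') { $identity = "SpecificUser ($($pool.processModel.userName))" }
    $result.AppPoolIdentity = $identity

    # LocalSystem is full administrative privilege; NetworkService is broader than a dedicated
    # low-privilege account. The advisory's interim mitigation is to run the pool as a limited user.
    if ($pool.processModel.identityType -in 'LocalSystem', 'NetworkService') {
        $result.HighPrivilege = $true
        $result.Findings += "App pool '$AppPoolName' runs as $identity; change it to a limited-permission user."
    }
    return [pscustomobject]$result
}

# Usage (pool name is an assumed placeholder; substitute the real pool name on the host):
Test-TelerikReportServerAdvisory -InstalledVersion '10.0.24.305' -AppPoolName 'TelerikReportServerPool' |
    Format-List
```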