Load balancers: Attackers can compromise LoadMaster
Important security patches have been released for LoadMaster and MultiTenant Hypervisor from Progress Kemp.
If attackers successfully exploit a vulnerability in LoadMaster or MultiTenant Hypervisor, they can gain complete control over systems.
Dangerous security vulnerability
As network solutions provider Progress Kemp explains in a security advisory, the vulnerability (CVE-2024-7591) is rated "critical" with the highest threat level (CVSS 3.1 score 10 out of 10).
If the management interface is accessible, attackers can exploit the vulnerability remotely and without authentication. They can use certain HTTP requests to execute their own system commands and thus compromise systems. The security patch sanitizes user input so that potentially dangerous commands can no longer get through.
The developers state that LoadMaster up to and including version 7.2.60.0 and MultiTenant Hypervisor up to and including version 7.1.35.11 are affected. To secure systems against the described attack, admins must download and install an add-on package via the software update function.
Are there already attacks?
The provider states that it has not yet received any reports of ongoing attacks from customers. Nevertheless, admins should install the patches promptly. Progress Kemp also provides important security tips for LoadMaster and MultiTenant Hypervisor to protect servers more effectively against attacks. Among other things, admin and remote access should be restricted. SSH access should also be regulated. It is also advisable to set up and use an SSL/TLS certificate.
Unfortunately, the provider does not give admins any information on how to recognize systems that have already been compromised, so they have no clues to search for.
(des)