Blog Details

  • Home
  • Blog
  • Active Exploitation of Progress Kemp and VMware vCenter Vulnerabilities
Active Exploitation of Progress Kemp and VMware vCenter Vulnerabilities

Active Exploitation of Progress Kemp and VMware vCenter Vulnerabilities

Security researchers and agencies have sounded the alarm over the active exploitation of high-severity vulnerabilities in Progress Kemp LoadMaster and VMware vCenter Server.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the flaws to its Known Exploited Vulnerabilities (KEV) catalog, urging organizations to act promptly to secure their networks.

Progress Kemp LoadMaster: CVE-2024-1212 (CVSS Score: 10.0)

A command injection vulnerability in Progress Kemp LoadMaster allows remote, unauthenticated attackers to execute arbitrary system commands.

Details

  1. Impact: Grants full access to the load balancer via the LoadMaster management interface.
  2. Discovered by: Rhino Security Labs.
  3. Fix Available Since: February 2024.

Recommendation: CISA has set a remediation deadline for Federal Civilian Executive Branch (FCEB) agencies to address this flaw by December 9, 2024.

VMware vCenter Server Flaws

Two vulnerabilities in VMware vCenter Server demonstrated during the Matrix Cup cybersecurity competition are also under scrutiny:

CVE-2024-38812 (CVSS Score: 9.8)

  1. Type: Heap-overflow in DCERPC protocol.
  2. Impact: Remote code execution by attackers with network access.
  3. Patch Status: Initial fix in September 2024, revised in October 2024.

CVE-2024-38813 (CVSS Score: 7.5)

  1. Type: Privilege escalation.
  2. Impact: Allows network-accessible attackers to escalate privileges to root.
  3. Patch Status: Resolved in September 2024.

Growing Threat Landscape

The vulnerabilities in Progress Kemp and VMware vCenter join a series of recent high-profile flaws being weaponized, including:

Veeam Backup & Replication (CVE-2024-40711): Used to deploy the new Frag ransomware.

Recommended Actions

  1. Apply Patches: Ensure all systems running Progress Kemp LoadMaster, VMware vCenter, and Veeam Backup & Replication are updated.
  2. Access Control: Limit access to administrator interfaces.
  3. Network Monitoring: Deploy tools to detect suspicious activity targeting vulnerable systems.
  4. Incident Response: Prepare a response plan in case of exploitation.

Stay Ahead of Threats

The active exploitation of these vulnerabilities highlights the importance of patch management and proactive monitoring. Cybercriminals are leveraging unpatched systems to compromise sensitive data and infrastructure—don’t let your organization be the next target.

 

© 2016 - 2025 Red Secure Tech Ltd. Registered in England and Wales under Company Number: 15581067