Security News > 2024 > July > Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
Progress Software has fixed a critical vulnerability in its Telerik Report Server solution and is urging users to upgrade as soon as possible.
Telerik Report Server is an enterprise solution for storing, creating, managing and viewing reports in web and desktop applications.
CVE-2024-6327 is an insecure deserialization vulnerability that may allow attackers to remotely execute code on the underlying server through CVE-2024-6096, an insecure type resolution vulnerability that affects Telerik Reporting, a tool for building reports for and adding them to web and desktop applications.
Customers have been advised to upgrade to Telerik Reporting 2024 Q2, as it's the only way to remove CVE-2024-6096, and to upgrade to Telerik Report Server 2024 Q2 or later to fix CVE-2024-6327.
If the latter action is not possible, Progress Software notes that users "Can temporarily mitigate this issue by changing the user for the Report Server Application Pool to one with limited permissions".
Just last month, the Shadowserver Foundation spotted exploitation attempts for CVE-2024-4358, a vulnerability that, when concatenated with CVE-2024-1800, allowed attackers to achieve unauthenticated remote code execution on Progress Telerik Report Servers.
News URL
https://www.helpnetsecurity.com/2024/07/26/cve-2024-6327/
Related news
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Progress urges admins to patch critical WhatsUp Gold bugs ASAP (source)
- 'Patch yesterday': Zimbra mail servers under siege through RCE vuln (source)
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-24 | CVE-2024-6327 | Deserialization of Untrusted Data vulnerability in Progress Telerik Report Server In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability. | 9.8 |
| 2024-07-24 | CVE-2024-6096 | Unsafe Reflection vulnerability in Progress Telerik Reporting In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability. | 9.8 |
| 2024-05-29 | CVE-2024-4358 | Authentication Bypass by Spoofing vulnerability in Telerik Report Server 2024 10.0.24.130/10.0.24.305 In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. | 9.8 |
| 2024-03-20 | CVE-2024-1800 | In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability. | 0.0 |