Key Vulnerabilities:
1. Progress Kemp LoadMaster (CVE-2024-1212)
– Maximum severity score (CVSS 10.0)
– OS command injection: allows unauthenticated remote attackers to execute arbitrary system commands
– Patched in February 2024
– Currently being actively exploited
2. VMware vCenter Server Flaws
– CVE-2024-38812 (CVSS 9.8): Heap-overflow vulnerability enabling remote code execution
– CVE-2024-38813 (CVSS 7.5): Privilege escalation vulnerability
– Both were demonstrated at the 2024 Matrix Cup hacking competition in China
– Active exploitation confirmed by Broadcom
Important Actions:
– CISA added these vulnerabilities to Known Exploited Vulnerabilities (KEV) catalog
– Federal civilian agencies must patch (per Binding Operational Directive 22-01):
* LoadMaster vulnerability by December 9, 2024
* VMware vulnerabilities by December 11, 2024
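Added example, not from the page and not CISA tooling: a small Python script that matches scanner findings per host against an excerpt of the KEV catalog and computes how many days remain until (or since) each BOD 22-01 deadline. The feed excerpt and the host inventory are constructed for the example; the JSON field names follow the public known_exploited_vulnerabilities.json feed, the CVE IDs and due dates are the ones stated above, and the dateAdded values are assumed (dueDate minus the usual three-week window).

```python
"""Match a vulnerability inventory against a KEV feed excerpt and rank by deadline."""
import json
from datetime import date

# Constructed excerpt of the CISA KEV feed (field names as in the public JSON feed).
# CVE IDs and dueDate values match the page; dateAdded values are assumed.
KEV_FEED = json.dumps({
    "vulnerabilities": [
        {"cveID": "CVE-2024-1212", "vendorProject": "Progress", "product": "Kemp LoadMaster",
         "dateAdded": "2024-11-18", "dueDate": "2024-12-09"},
        {"cveID": "CVE-2024-38812", "vendorProject": "VMware", "product": "vCenter Server",
         "dateAdded": "2024-11-20", "dueDate": "2024-12-11"},
        {"cveID": "CVE-2024-38813", "vendorProject": "VMware", "product": "vCenter Server",
         "dateAdded": "2024-11-20", "dueDate": "2024-12-11"},
    ]
})

# Constructed scanner output: hostnames are hypothetical, CVE sets are per host.
INVENTORY = [
    {"host": "lb-edge-01", "cves": {"CVE-2024-1212"}},
    {"host": "vcenter-01", "cves": {"CVE-2024-38812", "CVE-2024-38813"}},
    {"host": "web-07", "cves": set()},  # nothing open; should produce no finding
]


def load_kev(feed_text):
    """Index the feed by CVE ID, parsing the ISO dates into date objects."""
    feed = json.loads(feed_text)
    kev = {}
    for entry in feed["vulnerabilities"]:
        kev[entry["cveID"]] = {
            "vendorProject": entry["vendorProject"],
            "product": entry["product"],
            "dateAdded": date.fromisoformat(entry["dateAdded"]),
            "dueDate": date.fromisoformat(entry["dueDate"]),
        }
    return kev


def triage(kev, inventory, today):
    """One finding per (host, CVE) present in KEV, most urgent deadline first.

    `today` may be a date or an ISO string. CVEs not in KEV are skipped here;
    they belong in the normal patch queue, not the KEV deadline queue.
    """
    if isinstance(today, str):
        today = date.fromisoformat(today)
    findings = []
    for asset in inventory:
        for cve in sorted(asset["cves"]):
            entry = kev.get(cve)
            if entry is None:
                continue
            days_left = (entry["dueDate"] - today).days
            findings.append({
                "host": asset["host"],
                "cve": cve,
                "product": f'{entry["vendorProject"]} {entry["product"]}',
                "due": entry["dueDate"].isoformat(),
                "days_left": days_left,
                "overdue": days_left < 0,
            })
    findings.sort(key=lambda f: (f["days_left"], f["host"], f["cve"]))
    return findings


def report(findings):
    """Render findings as fixed-width text, one line per host/CVE."""
    lines = []
    for f in findings:
        state = (f"OVERDUE by {-f['days_left']}d" if f["overdue"]
                 else f"due in {f['days_left']}d")
        lines.append(f"{f['host']:12} {f['cve']:16} {f['product']:24} {f['due']}  {state}")
    return "\n".join(lines)


if __name__ == "__main__":
    kev_index = load_kev(KEV_FEED)
    print(report(triage(kev_index, INVENTORY, "2024-11-25")))
```

Run it with the current date in place of the constructed one to see which hosts are already past their KEV deadline; swap KEV_FEED for the downloaded feed and INVENTORY for real scanner output, keeping the same field names.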
Additional Context:
– SonicWall reported exploitation attempts against LoadMaster vulnerability
– Related development: Cybercriminals actively exploiting Veeam Backup & Replication vulnerability (CVE-2024-40711) to deploy “Frag” ransomware