Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Progress warns Telerik Report Server has a critical security bug

Red padlock open on electric circuits network dark red background.

Telerik Report Server carried a high severity vulnerability which allowed threat actors to compromise endpoints. It has since been patched, and Progress Software, the company behind the product, urged its users to apply the fix immediately.

Report Server is a popular platform for handling various reporting needs in an organization, providing tools for creating, storing, scheduling, and delivering reports in different formats.

According to Progress, the software had a deserialization of untrusted data vulnerability, which allowed threat actors to run remote code execution (RCE) attacks. It is tracked as CVE-2024-6327 and carries a base score of 9.9 (critical). 

Not abused (yet)

Report Server 2024 Q2 (10.1.24.514) and earlier are impacted by the flaw, and the first patched version is 2024 Q2 (10.1.24.709).

"Updating to Report Server 2024 Q2 (10.1.24.709) or later is the only way to remove this vulnerability," Progress said in a follow-up advisory. "The Progress Telerik team strongly recommends performing an upgrade to the latest version." To check if you are vulnerable to attacks via the deserialization of untrusted data flaw, you should open up the Configuration page, select the About tab, and look for the version number. Those who are unable to apply the patch at this time, should change the Report Server Application Pool user to one with limited permissions. 

There are currently no reports of this vulnerability being exploited in the wild.

Progress Software became infamous following the major data leak incident that involved MOVEit, a managed file transfer (MFT) product. The cyberattack, which happened last year, affected thousands of organizations all over the world, resulted in numerous ransomware attacks, and even prompted the FBI to get involved. 

MOVEit is a managed file transfer solution, generally used by SMBs and enterprises to share sensitive files securely. In late May last year, the company building out the solution was tipped off on suspicious activity. A deeper investigation uncovered a major flaw in the software, which allowed threat actors abusing it to steal the data from various endpoints. The attackers - a Russian ransomware actor named Cl0p, first said that at least a hundred companies were affected and had their data stolen. Cybersecurity experts Emsisoft claim more than 2,500 firms confirmed being affected by the breach, impacting more than 64 million people. 

Via BleepingComputer

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.