The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed information about a .NET deserialization vulnerability (CVE-2019-18935) in the Progress Telerik user interface (UI) for ASP.NET AJAX.
CISA described the findings in an advisory on Wednesday, indicating that several threat actors have been able to exploit the flaw, which also affected the Microsoft Internet Information Services (IIS) web server of a federal civilian executive branch (FCEB) agency between November 2022 and January 2023.
If exploited successfully, the vulnerability allows remote code execution (RCE). For this reason, the flaw has been rated critical and assigned a CVSS v3.1 score of 9.8.
“Though the agency’s vulnerability scanner had the correct plugin for CVE-2019-18935, it failed to detect the vulnerability due to the Telerik UI software being installed in a file path it does not typically scan,” reads the CISA advisory. “This may be the case for many software installations, as file paths widely vary depending on the organization and installation method.”
Commenting on the news, Dror Liwer, co-founder of cybersecurity company Coro, said vulnerabilities like this are “low-hanging fruit” for attackers.
“They represent an easy, well-documented entry point that does not require social engineering, strong technical skills or active monitoring,” Liwer explained.
According to Liwer, keeping up with known vulnerabilities across all assets can be overwhelming, but organizations must pay more attention to updates.
“There is no quick fix. Vulnerability management has to be an integral part of any cybersecurity program, as cumbersome and laborious as it might be,” Liwer added.
As far as CVE-2019-18935 is concerned, CISA said entities using Progress Telerik software should implement a patch management solution to ensure compliance with the latest security patches.
They should also validate the output from patch management and vulnerability scanning against running services to check for any discrepancies, and limit service accounts to the minimum permissions necessary.
The CISA advisory comes weeks after SentinelOne disclosed details related to new malware loaders based on the .NET development platform.
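The advisory's core lesson is that the scanner looked in the right way but in the wrong places. The following PowerShell script is an added example, not part of the CISA advisory or this article: it enumerates the physical paths IIS actually serves, then walks every fixed drive for Telerik.Web.UI.dll so that copies installed outside those paths are found, and reconciles the two lists the way CISA recommends (scanner expectations versus what is really on the host). It assumes a Windows Server with the WebAdministration module available, that the assembly's FileVersion carries the Telerik release number, and that R1 2020 (2020.1.114) is the first release without the deserialization flaw; that threshold comes from the vendor's public guidance, not from this page, and should be checked against Telerik's knowledge base before use.

```powershell
# Added example (not from the CISA advisory or this article): inventory every
# Telerik.Web.UI.dll on an IIS host, including copies outside the paths a
# scanner normally walks, and flag versions below the first fixed release.
# Assumption: Telerik's public advisory names R1 2020 (2020.1.114) as the first
# release without CVE-2019-18935; verify against the vendor KB before relying on it.
$FixedVersion = [version]'2020.1.114'

# 1. Physical paths IIS actually serves (what a scanner "expects" to check).
Import-Module WebAdministration -ErrorAction Stop
$sitePaths = Get-Website | ForEach-Object {
    [Environment]::ExpandEnvironmentVariables($_.physicalPath)
}
# Applications under a site can point elsewhere on disk, so include them too.
$appPaths = Get-WebApplication | ForEach-Object {
    [Environment]::ExpandEnvironmentVariables($_.PhysicalPath)
}
$servedPaths = @(@($sitePaths) + @($appPaths)) | Where-Object { $_ } | Sort-Object -Unique

# 2. Walk every fixed drive for the assembly, not just the IIS roots.
$drives = Get-PSDrive -PSProvider FileSystem | Where-Object { $_.Root -match '^[A-Z]:\\$' }
$hits = foreach ($d in $drives) {
    Get-ChildItem -Path $d.Root -Recurse -File -Filter 'Telerik.Web.UI.dll' -ErrorAction SilentlyContinue
}

# 3. Reconcile: version check plus "is this copy under a path IIS serves?"
$report = foreach ($dll in $hits) {
    $ver = $null
    try { $ver = [version]$dll.VersionInfo.FileVersion } catch { }
    $underServedPath = $servedPaths | Where-Object {
        $dll.FullName.StartsWith($_, [StringComparison]::OrdinalIgnoreCase)
    }
    [pscustomobject]@{
        Path         = $dll.FullName
        FileVersion  = $dll.VersionInfo.FileVersion
        Vulnerable   = ($null -ne $ver -and $ver -lt $FixedVersion)
        UnderIISSite = [bool]$underServedPath
    }
}

# A vulnerable copy outside a served path is exactly the discrepancy the
# advisory describes: present on disk, but somewhere a scanner may skip.
$report | Sort-Object Vulnerable -Descending | Format-Table -AutoSize
$report | Where-Object { $_.Vulnerable -and -not $_.UnderIISSite } |
    ForEach-Object { Write-Warning "Vulnerable Telerik copy outside IIS-served paths: $($_.Path)" }
```

Run it from an elevated PowerShell session on each IIS host and compare the Path column with the file locations your scanner reports; any row the scanner did not list is a gap in scan coverage rather than a clean result. Copies that are not under a served path may still be loaded by an application (for example from a shared bin directory), so treat them as in scope until proven otherwise.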