Progress Software patches 10.0 vulnerability in LoadMaster releases

Progress Software patched a critical 10.0 vulnerability that affects all LoadMaster releases, as well as the LoadMaster Multi-Tenant hypervisor.

Progress Software said in a Sept. 4 security advisory that it’s possible for unauthenticated, remote attackers who have access to the management interface of LoadMaster to issue a “carefully crafted http request” that can execute arbitrary system commands.

Progress said it was not aware of the vulnerability — CVE-2024-7591 — being exploited in the wild or having a direct impact on customers. However, the company advised customers to apply the patch as soon as possible.

Enlyft reported that it has data on 64 companies that use LoadMaster, mostly firms in the transportation/trucking/railroad industry. Prominent users include FedEx Corporate Services, Mohawk Industries, and Archer Daniels Midland.

Stephen Kowski, Field CTO at SlashNext Email Security, said security teams should patch the LoadMaster flaw because of its maximum CVSS score of 10, and the potential for unauthenticated remote code execution. Kowski pointed out that LoadMaster is widely used for load balancing and application delivery in enterprise environments, making it an attractive target for attackers seeking to compromise networks.

“The popularity of LoadMaster in enterprise environments, combined with Progress Software's recent high-profile security issues [around the MOVEit transfer flaw] makes this vulnerability particularly concerning,” said Kowski. “Organizations should not only patch, but also conduct thorough security audits, implement robust access controls, and deploy AI-powered detection systems capable of identifying anomalous behavior that could indicate exploitation attempts. It's crucial to stay ahead of evolving threats by continuously monitoring for new attack vectors and updating security measures accordingly.”

Jason Soroko, senior fellow at Sectigo, added that given Progress Software’s recent issues after the MOVEit breach, this vulnerability potentially exposes the brand to security concerns.

“LoadMaster is widely used for load balancing in enterprises, making this flaw a high-priority risk,” said Soroko. “Security teams should immediately apply the emergency fix, isolate vulnerable systems from untrusted networks, and restrict access to the management interface to trusted IPs only. The recommendation is that swift action is essential to avoid exploitation.”

Evan Dornbush, a cybersecurity expert with NSA experience, pointed out the cautionary tale here is well known: attackers are getting increasingly efficient at minimizing the time it takes to weaponize bugs — so there's a sense of urgency.

“Software vulnerabilities remain a formidable threat even for organizations with robust patch management practices,” said Dornbush. “While timely patching is essential, sole reliance on it can be perilous. To better ensure continuity of business operations, organizations must adopt a defense-in-depth strategy, including advanced network threat detection capabilities, to mitigate risks posed by elusive zero-day vulnerabilities.”