Severe Vulnerability Discovered in LoadMaster & Multi-Tenant Hypervisor

Progress Software’s LoadMaster and Multi-Tenant Hypervisor products have been affected by a vulnerability (CVE-2024-7591) that allows remote attackers to take control of compromised devices. This critical flaw could lead to serious business disruptions, including data breaches and the potential loss of control over critical infrastructure.

Organizations using LoadMaster for managing their network traffic or critical services must act quickly to address this risk. However, even if your firm doesn't directly use these products, it's essential to consider third-party vendors that may have access to your data. Any vendor using vulnerable versions of LoadMaster could inadvertently expose your information to attackers, making it crucial to review your third-party risk management policies and ensure vendors are taking appropriate security measures.

Attack methods and potential impact

Exploiting this vulnerability opens several attack vectors, including:

• Remote code execution: Attackers could install malicious software, steal data, or disrupt business operations by taking control of compromised devices. In addition to internal network risks, the impact could spread if third-party vendors use vulnerable LoadMaster systems.
• Privilege escalation: With administrative access, attackers could compromise other critical systems, putting more sensitive data and essential services at risk. Organizations that manage financial data or business-critical operations should be especially cautious.
• Lateral movement: After gaining initial access, attackers could use the compromised systems to infiltrate other connected systems, increasing the potential for widespread damage.

Given the critical nature of LoadMaster in traffic management and load balancing, the consequences of this vulnerability could disrupt operations, expose sensitive data, and impact business continuity.

Our guidance

Progress Software has released patches to secure affected systems. Organizations using LoadMaster should take immediate action by following these key steps:

• Download and install the latest patches provided by Progress Software. Ensure the patch is applied correctly by following the vendor’s guidelines.
• Determine whether vendors that manage critical systems are using any of the affected Progress Software systems. If so, confirm that these vendors have applied the appropriate patches. Firms should review information submitted through due diligence questionnaires to help determine which vendors may be using LoadMaster or Multi-Tenant Hypervisor, but if in doubt, firms should confirm that the appropriate patches have been implemented across all high-risk vendors.
• Beyond patching, firms should maintain a strong security posture by updating software regularly, enforcing strict password policies, and monitoring network activity for any signs of intrusion.
• Firms should review their third-party risk management program to ensure that there are appropriate policies, procedures, and monitoring practices in place to ensure critical third parties are actively patching and updating critical software.

CCOs should work closely with IT teams to ensure both internal systems and third-party vendors have adequately addressed the risks posed by the vulnerability. By doing so, firms can minimize the threat to their operations.

How we help

ACA Aponix^® can help your firm build your cybersecurity program to strengthen your line of defense against cyberattacks. Our services include:

• Aponix Protect^TM is a cybersecurity and technology risk solution that helps you build a comprehensive risk management program tailored to your business needs.
• ACA Signature combines cybersecurity with compliance advisory services,  innovative technology and managed services for a scalable solution that can help you gain expert insight, guidance, and support as you navigate emerging challenges.

Reach out to your ACA consultant, or contact us to find out how ACA can help secure your firm against cyber threats and comply with regulatory expectations. 

Contact us