Platform: dotnet
Component: telerik-reporting
Fixed in: 2024 R1
CVE-2024-0832 describes a privilege elevation vulnerability discovered in Telerik Reporting's installer component. This flaw allows a lower-privileged user, within an environment already running Telerik Reporting, to manipulate the installation package and gain elevated privileges on the operating system. The vulnerability affects versions 1.0 through 2023 R3, and a fix is available in version 2024 R1.
The primary impact of CVE-2024-0832 is the potential for privilege escalation. An attacker, already possessing limited access to a system with Telerik Reporting installed, can exploit this vulnerability to gain administrative or system-level privileges. This could allow them to install malicious software, modify system configurations, steal sensitive data, or compromise the entire system. The ability to manipulate the installation package represents a significant attack vector, as it bypasses typical security controls designed to prevent unauthorized privilege elevation. This vulnerability is particularly concerning in environments where user access controls are not strictly enforced or where the installation process is not adequately secured.
CVE-2024-0832 was publicly disclosed on January 31, 2024. There are currently no known public exploits or active campaigns targeting this vulnerability. Its EPSS score is pending evaluation. Monitor security advisories and threat intelligence feeds for any updates regarding exploitation attempts.
Organizations using Telerik Reporting in environments where user access controls are not strictly enforced are at higher risk. This includes environments with shared hosting configurations or legacy systems with less stringent security practices. Specifically, systems where users have write access to the Telerik Reporting installation directory are particularly vulnerable.
• windows / dotnet: `Get-Process | Where-Object {$_.ProcessName -like '*TelerikReporting*'}`
• windows / dotnet: Check the registry for unusual entries related to Telerik Reporting installation paths.
• windows / dotnet: Monitor event logs for suspicious processes attempting to modify installation files.
• dotnet: Review application configuration files for any unexpected or unauthorized modifications.
• generic web: Monitor web server access logs for unusual requests targeting the Telerik Reporting installation directory.
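As an added example (not from this page or from Telerik), a PowerShell check that reports the installed Telerik Reporting version for comparison with the 2024 R1 fix and flags write-type rights granted to low-privileged principals on the installation directory, the condition the page names as making a system particularly vulnerable. It assumes the install directory is passed as a parameter, that the product's uninstall entry has a DisplayName containing "Telerik Reporting", and that the principals listed in the script are the low-privileged ones of interest.

```powershell
# Added defensive check, not Telerik's code. Assumptions: the operator supplies
# the install directory; the standard Windows uninstall registry keys hold the
# product entry; the principals below are the ones treated as low-privileged.
param(
    [Parameter(Mandatory = $true)]
    [string]$InstallDir   # Telerik Reporting installation directory (operator-supplied)
)
# 1. Report installed Telerik Reporting versions from the uninstall registry so
#    they can be compared with the fixed release, 2024 R1.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*Telerik Reporting*' } |
    ForEach-Object {
        '{0} {1} (fix shipped in 2024 R1; compare with the vendor advisory)' -f $_.DisplayName, $_.DisplayVersion
    }

# 2. Flag Allow ACEs on the install directory that grant write-type rights to
#    broad non-administrative principals, the condition the page singles out.
$lowPrivPrincipals = @(
    'Everyone', 'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE'
)
$fsr = [System.Security.AccessControl.FileSystemRights]
# Named write-type bits plus the GENERIC_WRITE (0x40000000) and GENERIC_ALL
# (0x10000000) bits that some inherited ACEs carry instead of named rights.
$writeMask = [int]($fsr::Write -bor $fsr::Delete -bor
                   $fsr::ChangePermissions -bor $fsr::TakeOwnership) -bor
             0x40000000 -bor 0x10000000
$findings = foreach ($ace in (Get-Acl -Path $InstallDir).Access) {
    if ($ace.AccessControlType -ne 'Allow') { continue }
    if ($lowPrivPrincipals -notcontains $ace.IdentityReference.Value) { continue }
    if (([int]$ace.FileSystemRights -band $writeMask) -ne 0) {
        [pscustomobject]@{
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

if ($findings) {
    Write-Warning ('Low-privileged principals can modify {0}' -f $InstallDir)
    $findings | Format-Table -AutoSize
} else {
    'No write-type rights for low-privileged principals on {0}' -f $InstallDir
}
```

Run it from an elevated prompt so the uninstall keys and the directory ACL are readable; any row in the warning table is a principal whose write access to the installation directory should be removed until the 2024 R1 upgrade is applied.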
disclosure
Exploit status
EPSS: 0.67% (71st percentile)
CVSS vector
The primary mitigation for CVE-2024-0832 is to upgrade Telerik Reporting to version 2024 R1 or later, which contains the fix. If an immediate upgrade is not feasible, consider restricting user access to the installation directory and disabling the ability to modify the installation package. Implement strict user access controls and regularly review user permissions. Monitor system logs for any suspicious activity related to the installation process. While a WAF or proxy cannot directly mitigate this vulnerability, they can help detect and block malicious attempts to manipulate the installation package.
Update Telerik Reporting to version 2024 R1 or later. This fixes the privilege elevation vulnerability in the installer. Download the latest version from the official Telerik website.
CVE-2024-0832 is a vulnerability in Telerik Reporting allowing a lower-privileged user to elevate their privileges by manipulating the installation package. It's rated HIGH severity (CVSS 7.8).
You are affected if you are using Telerik Reporting versions 1.0–2023 R3. Upgrade to 2024 R1 or later to resolve the issue.
Upgrade Telerik Reporting to version 2024 R1 or later. As a temporary workaround, restrict user access to the installation directory.
As of now, there are no known public exploits or active campaigns targeting CVE-2024-0832, but continuous monitoring is recommended.
Refer to the official Telerik security advisory for detailed information and updates: [https://www.telerik.com/security/CVE/CVE-2024-0832](https://www.telerik.com/security/CVE/CVE-2024-0832)