US authorities reported that several hacking groups, including one allegedly backed by Beijing, exploited a vulnerability discovered four years ago in a web application component to break into the systems of a US federal agency.
Image source: Gerd Altmann / pixabay.com
The software in question is Telerik, a toolkit for building components and themes for web applications, which was running on an Internet-facing server of a US federal civilian executive branch agency. The Telerik vulnerability is tracked as CVE-2019-18935 and carries a CVSS score of 9.8 (critical); it was among the most exploited vulnerabilities of 2020 and 2021. The flaw was disclosed in 2019, and the NSA had previously warned that alleged Beijing-backed hackers were using it to break into computer systems holding “Confidential intellectual property data, economic, political and military information”.
The attackers achieved what the US Cybersecurity and Infrastructure Security Agency (CISA) described as “Remote code executed successfully” on the agency’s web server and gained access to its internal resources. The agency’s vulnerability scanner failed to detect the flaw because Telerik was installed in a location outside the scanner’s regular scanning range. According to CISA, the same vulnerability was exploited by multiple hacker groups between November 2022 and January 2023. For organizations running Telerik software, CISA recommends installing an updated version of Telerik. Representatives of Progress Software, which acquired Telerik in 2014, did not comment.