CISA Advisory AA23-074A

March 15, 2023

Telerik Vulnerability in IIS Server

What we know so far

Between November 2022 and January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and other organizations discovered indicators of compromise (IOCs) at a federal civilian executive branch (FCEB) agency. They found that multiple cyber threat actors, including an advanced persistent threat (APT) actor, exploited a vulnerability in the Progress Telerik user interface (UI) for ASP.NET AJAX, which is used in the agency's Microsoft Internet Information Services (IIS) web server. This vulnerability, known as CVE-2019-18935, allowed for remote code execution. Additionally, in April 2023, another FCEB agency found exploitation of CVE-2017-9248 in the Telerik UI for ASP.NET AJAX DialogHandler component.
