Cyber Resilience

CVE-2024-11343

Severity: High
Published: 12 February 2025
Modified: 20 February 2025
KEV Added: not listed
Patch: available
CVSS Score (v3.1): 8.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L)
EPSS Score: 0.0030 (53.9th percentile)
Risk Priority: 17 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-11343 is a high-severity Path Traversal (CWE-22) vulnerability in Progress Telerik Document Processing Libraries. Its CVSS base score is 8.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005). The CVE ranks in the top 46.1% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2024-11343 is a path traversal vulnerability (CWE-22) in Progress Telerik Document Processing Libraries, affecting versions prior to 2025 Q1 (2025.1.205). The flaw occurs when unzipping an archive, enabling arbitrary file system access. It has a CVSS v3.1 base score of 8.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L), indicating high severity due to its potential for significant data exposure and modification.

An attacker requires low privileges (PR:L) to exploit this vulnerability over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). Exploitation allows high confidentiality and integrity impacts, such as reading or overwriting arbitrary files on the file system, alongside low availability disruption.

The Telerik advisory at https://docs.telerik.com/devtools/document-processing/knowledge-base/kb-security-path-traversal-cve-2024-11343 recommends upgrading to version 2025.1.205 or later to mitigate the issue.

EU & UK References

Vulnerability details

In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), unzipping an archive can lead to arbitrary file system access.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques

- T1005 Data from Local System (Collection): Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
- T1105 Ingress Tool Transfer (Command and Control): Adversaries may transfer tools or other files from an external system into a compromised environment.
- T1565.001 Stored Data Manipulation (Impact): Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.

Why these techniques?

Path traversal during archive extraction directly enables arbitrary local file read (T1005) and write (T1105 for tool drop, T1565.001 for stored data overwrite).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

- CVE-2024-11629: same product (Progress Telerik Document Processing Libraries)
- CVE-2025-0332: same vendor (Progress)
- CVE-2025-27395: shared CWE-22
- CVE-2026-39305: shared CWE-22
- CVE-2026-28793: shared CWE-22
- CVE-2026-33236: shared CWE-22
- CVE-2026-4048: same vendor (Progress)
- CVE-2026-8486: same vendor (Progress)
- CVE-2026-41589: shared CWE-22
- CVE-2026-6023: same vendor (Progress)

Affected Assets

Vendor: progress
Product: telerik document processing libraries
Version: ≤ 2025.1.205

Mitigating Controls (NIST 800-53 r5)

- prevent: Directly mandates timely identification, reporting, and correction of the path traversal flaw in vulnerable Telerik Document Processing Libraries via vendor-provided patches.
- prevent (SI-10, Information Input Validation): Requires validation of information inputs such as archive file paths to block path traversal attempts enabling arbitrary file system access.
- prevent / detect (RA-5, Vulnerability Monitoring and Scanning): Provides vulnerability scanning to identify deployments of vulnerable Telerik library versions and triggers remediation to prevent exploitation.
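The flaw class described in the Deeper analysis section (an archive entry whose name escapes the extraction directory) and the SI-10 control above (validate the entry path before using it) can be shown concretely. The following is an added illustration written for this page, not code from Progress or the Telerik Document Processing Libraries; it uses Python's standard-library zipfile module, a constructed in-memory archive, and hypothetical function names (`is_safe_member`, `safe_extract`, `build_sample_archive`, `demo`). The check is written out explicitly, rather than relying on `ZipFile.extractall` (which already sanitizes names), because the point is what an extraction routine must verify itself.

```python
import io
import os
import tempfile
import zipfile


def is_safe_member(dest_dir: str, member_name: str) -> bool:
    """Return True only if member_name, joined to dest_dir, resolves inside dest_dir.

    Hypothetical helper (not a Telerik API). Absolute names and drive prefixes are
    rejected outright; everything else is resolved and compared by path component.
    """
    if member_name.startswith(("/", "\\")) or os.path.splitdrive(member_name)[0]:
        return False
    base = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(base, member_name))
    # commonpath compares whole components, so "/out" vs "/outside" is not a false match
    # the way a plain string-prefix test would be.
    return os.path.commonpath([base, target]) == base


def safe_extract(zip_bytes: bytes, dest_dir: str) -> dict:
    """Extract only members that stay inside dest_dir; report what was refused.

    Returns {"extracted": [...], "rejected": [...]} so a caller can log or alert on
    rejected names, which is the SI-10 validation step applied to archive paths.
    """
    result = {"extracted": [], "rejected": []}
    os.makedirs(dest_dir, exist_ok=True)
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            if not is_safe_member(dest_dir, name):
                result["rejected"].append(name)
                continue
            target = os.path.realpath(os.path.join(dest_dir, name))
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
            else:
                os.makedirs(os.path.dirname(target), exist_ok=True)
                # zf.open() does not sanitize names, so the check above is what protects us.
                with zf.open(info) as src, open(target, "wb") as dst:
                    dst.write(src.read())
            result["extracted"].append(name)
    return result


def build_sample_archive() -> bytes:
    """Constructed sample archive: one benign entry and three traversal-style names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/report.txt", "benign content")
        zf.writestr("../../escaped.txt", "must not land outside dest")
        zf.writestr("/etc/absolute.txt", "absolute path entry")
        zf.writestr("docs/../../sneaky.txt", "traversal hidden mid-path")
    return buf.getvalue()


def demo() -> dict:
    """Run safe_extract on the constructed archive in a fresh temp directory.

    Also confirms nothing was written to the parent of the extraction directory.
    """
    root = tempfile.mkdtemp(prefix="safe-unzip-")
    dest = os.path.join(root, "out")
    result = safe_extract(build_sample_archive(), dest)
    result["parent_untouched"] = sorted(os.listdir(root)) == ["out"]
    result["benign_present"] = os.path.isfile(os.path.join(dest, "docs", "report.txt"))
    return result


if __name__ == "__main__":
    print(demo())
```

Running the block extracts only `docs/report.txt` and refuses the other three names. Resolving with `realpath` before comparing also defeats entries that hide `..` in the middle of an otherwise ordinary-looking path.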

References