Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Progress Kemp LoadMaster

Progress Kemp LoadMaster Vendor Cyber Rating & Cyber Score

kemptechnologies.com

Kemp Load Balancers are designed to optimize a wide array of applications with templates and support for: • Web Application servers including SSL and HTTP/2 • Microsoft Applications including Exchange, Skype, RDS, Always-on-VPN • SharePoint and ADFS • Dell EMC ECS • Citrix XenApp/XenDesk • Oracle E-Business Suite, PeopleSoft and WebLogic • E-Commerce, Healthcare, Education and Government Applications


PKL A.I CyberSecurity Scoring

PKL
Company Information
Website:https://kemptechnologies.com/
Employees number:93
Number of followers:19,741
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:kemptechnologies.com
PKL Risk Score (AI oriented)
Between 750 and 799
logo
PKLIT Services and IT Consulting
Updated:
30/06/2026
750/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
PKL Global Score (TPRM)
xxxx
logo
PKLIT Services and IT Consulting
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

PKL
PKLFair
Current Score
750Baa (FAIR)
01000
1 incidents
-2 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
750Before Incident
JUNE 2026
751Before Incident
Vulnerability
04 Jun 2026PKL
Progress, Progress ECS Connection Manager and Progress Connection Manager for ObjectScale: Critical Progress Kemp LoadMaster Vulnerability Enables Pre-Auth Remote Code Execution

Critical Zero-Day Vulnerability in Progress Kemp LoadMaster Exposes Enterprise Networks

749After Incident
CRITICAL-2
PRO1782829753
Critical Zero-Day Vulnerability in Progress Kemp LoadMaster Exposes Enterprise Networks A severe security flaw in Progress Kemp LoadMaster, tracked as CVE-2026-8037, has left enterprise networks worldwide vulnerable to unauthenticated remote code execution. The vulnerability, rated 9.8 (Critical) on the CVSS scale, allows attackers to execute arbitrary commands with root-level privileges on affected appliances without requiring authentication. Kemp LoadMaster is a widely used load balancer and application delivery controller, handling critical functions like traffic management, SSL/TLS offloading, and web application firewall protection. Since these devices often sit at the network perimeter, exploitation provides attackers with a direct pathway into an organization’s infrastructure, bypassing internal security controls. ### Root Cause & Exploitation Researchers at WatchTowr Labs identified the flaw in the `escape_quotes()` function, which fails to properly sanitize user input before passing it to a system shell. The issue stems from a missing null terminator in the output buffer, allowing an attacker to manipulate memory and inject malicious commands. Exploitation occurs via the /accessv2 API endpoint, where specially crafted JSON input containing four single quotes as the `apiuser` value triggers an out-of-bounds memory read. This enables attackers to overwrite adjacent heap memory, ultimately executing arbitrary commands with root privileges. ### Affected Versions & Patch Availability The vulnerability impacts: - Kemp LoadMaster GA 7.2.63.1 and earlier - LTSF 7.2.54.17 and earlier (when the API feature is enabled) Progress has released patched versions (GA 7.2.63.2 and LTSF 7.2.54.18), which address the issue by switching to zero-filled memory allocation and adding the missing null terminator. The fix also applies to Progress ECS Connection Manager and Progress Connection Manager for ObjectScale. Organizations running affected versions are advised to upgrade immediately, as unpatched devices remain exposed to attacks from both the public internet and internal networks. Those without active maintenance agreements should contact their vendor for updates. The flaw was first reported by researcher Syed Ibrahim Ahmed of TrendAI Research and disclosed by Progress on June 4, 2026. Given its severity, enterprises must prioritize remediation to prevent potential breaches.
INCIDENT DETAILS -
TYPE
Zero-Day Vulnerability
IMPACT
Systems Affected: Kemp LoadMaster, Progress ECS Connection Manager, Progress Connection Manager for ObjectScaleOperational Impact: Potential unauthorized access to enterprise networks, bypassing internal security controls
MAY 2026
751Before Incident
APRIL 2026
751Before Incident
MARCH 2026
751Before Incident
FEBRUARY 2026
751Before Incident
JANUARY 2026
751Before Incident
DECEMBER 2025
751Before Incident
NOVEMBER 2025
751Before Incident
OCTOBER 2025
751Before Incident
SEPTEMBER 2025
751Before Incident
AUGUST 2025
751Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for PKL ?
?
What was PKL's A.I Rankiteo Cyber Score in June 2026 ?
?
What was PKL's A.I Rankiteo Cyber Score in May 2026 ?
?
What was PKL's A.I Rankiteo Cyber Score in April 2026 ?
?
What was PKL's A.I Rankiteo Cyber Score in March 2026 ?
?
What was PKL's A.I Rankiteo Cyber Score in February 2026 ?
?
What was PKL's A.I Rankiteo Cyber Score in January 2026 ?
?
What was PKL's A.I Rankiteo Cyber Score in December 2025 ?
?
What was PKL's A.I Rankiteo Cyber Score in November 2025 ?
?
What was PKL's A.I Rankiteo Cyber Score in October 2025 ?
?
What was PKL's A.I Rankiteo Cyber Score in September 2025 ?
?
What was PKL's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on PKL's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with PKL ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view PKL's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?