Progress Software Telerik Reporting Vulnerability (#675)
* Cisco Expressway Advisory

* Format markdown files

* Update 20240208003-Cisco-Expressway-Series-Cross_Site-Request-Forgery.md

changing of links

* Format markdown files

* Adobe Releases Security Updates

* Format markdown files

* Adobe Releases Security Updates

* Format markdown files

* Bricks WordPress Advisory

* Format markdown files

* Bricks WordPress

* Zyxel security advisory

* Format markdown files

* Linux Kernel Code Execution Vulnerability

* Format markdown files

* released a security advisory

* Format markdown files

* Update and rename 20240308004-Android-security-advisory.md to 20240308004-Android-security-advisory.md

Changed from 007 to 008

* Android security advisory 20240308004

* Format markdown files

* Fortinet Critical SQLi Vulnerability in FortiClientEMS

* Format markdown files

* Update 20240318003-Fortinet-Critical-SQLi-Vulnerability-in-FortiClientEMS-Software.md

Minor grammar fix and observability

* Format markdown files

* Firefox Patches Critical Zero-Day Vulnerabilities

* Format markdown files

* Firefox Patches Critical Zero-Day Vulnerabilities - 20240327003

* Format markdown files

* Update 20240327003-Firefox-Patches-Critical-Zero-Day-Vulnerabilities.md

add cvss column and minor fix to table

* Delete docs/advisories/20240326002-Firefox-Patches-Critical-Zero-Day-Vulnerabilities.md

no longer needed

* Format markdown files

* Supply Chain Compromise Affecting XZ Utils Data Compression Library - 20240402002

* Format markdown files

* Cisco Vulnerability in Small Business Routers

* Format markdown files

* Updated overview to include all Router series.

* Bitdefender Advisory

* Format markdown files

* TP-Link Archer Routers Advisory

* Format markdown docs

* Update 20240418003-Botnets-Swarm-Exploited-in-TP-Link-Archer-Routers.md

Fixing table

* HashiCorp security advisory

* Format markdown docs

* Progress Software Telerik Reporting Vulnerability

* Format markdown docs

---------

Co-authored-by: GitHub Actions <[email protected]>
Co-authored-by: Joshua Hitchen (DGov) <[email protected]>
Co-authored-by: CharlesRN <[email protected]>
4 people authored Apr 26, 2024
1 parent 7a43f70 commit 39c4494
Showing 1 changed file with 24 additions and 0 deletions.
@@ -0,0 +1,24 @@
# Progress Software Telerik Reporting ObjectReader Vulnerability - 20240426003

## Overview

Progress Telerik has released a security advisory to address insecure deserialization vulnerability in Telerik Reporting product. The specific flaw exists within the ObjectReader class. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.

## What is vulnerable?

| Product Affected | CVE | Severity | CVSS |
| --------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | -------- | ---- |
| Telerik Reporting 2024 Q1 all versions before 18.0.24.130 | [CVE-2024-1856](https://nvd.nist.gov/vuln/detail/CVE-2024-1856), [cve-2024-1801](https://nvd.nist.gov/vuln/detail/cve-2024-1801) | **High** | 8.5 |

## What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

## Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)):

## Additional References

- [ZDI-24-402 | Zero Day Initiative](https://www.zerodayinitiative.com/advisories/ZDI-24-402/ "https://www.zerodayinitiative.com/advisories/ZDI-24-402/")
- [Insecure Deserialization Vulnerability - Telerik Reporting](https://docs.telerik.com/reporting/knowledge-base/deserialization-vulnerability-cve-2024-1801-cve-2024-1856)
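Review bot: The "What is vulnerable?" table mixes identifier casing ("cve-2024-1801" next to "CVE-2024-1856"); use the uppercase form for both, and since the single row lists two CVEs against one Severity/CVSS cell, either split it into one row per CVE or say which identifier the 8.5 score belongs to, so readers are not left guessing which flaw the rating describes. The Recommendation sentence ends in a colon with nothing following it; close it with a full stop or add the intended list. The Overview would also read better with articles ("to address an insecure deserialization vulnerability in the Telerik Reporting product"), and the affected-version cell is clearer as "Telerik Reporting 2024 Q1, all versions before 18.0.24.130".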
