cvelist | GovTech CSG | CVELIST:CVE-2024-4163
Apr 26, 2024 - 2:26 a.m.

CVE-2024-4163 Privilege Escalation on Skylab IIoT Gateway (IGX)

2024-04-26 02:26:22
GovTech CSG
www.cve.org
skylab
iiot gateway
privilege escalation
limited shell
root privileges
file modification
unrestricted shell access
security vulnerability

CVSS3: 8 High

Attack Vector: ADJACENT
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.9 High (Confidence: High)

EPSS: 0.0004 Low (Percentile: 9.2%)

The Skylab IGX IIoT Gateway allowed users to connect to it via a limited shell terminal (IGX). However, it was discovered that the limited shell process was running with root privileges. This allowed an attacker to read, write, and modify any file in the operating system by using the limited shell's file exec and download functions. By replacing the /etc/passwd file with one containing a new root user entry, the attacker was able to break out of the limited shell and log in to an unrestricted shell with root access. With root access, the attacker is able to take full control of the IIoT Gateway.
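
A defender-side check for the /etc/passwd tampering described above, as an added example that is not part of the advisory or of any vendor code: it parses passwd-format text and flags UID 0 accounts other than root, plus entries that carry a password hash or an empty password in the passwd file itself. The sample content and all account names in it are constructed.

```python
"""Audit passwd-format text for signs of an injected root-equivalent account."""
import sys

def _field_is_inert(pw):
    # "x" defers to /etc/shadow; "*" and "!"-prefixed values are locked.
    return pw == "x" or pw == "*" or pw.startswith("!")

def audit_passwd(text):
    """Return a list of (line_no, user, finding) tuples."""
    findings, seen = [], set()
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != 7:
            findings.append((no, parts[0], "malformed entry"))
            continue
        user, pw = parts[0], parts[1]
        try:
            uid = int(parts[2])          # "00" is still UID 0
        except ValueError:
            findings.append((no, user, "non-numeric UID"))
            continue
        if user in seen:
            findings.append((no, user, "duplicate user name"))
        seen.add(user)
        if uid == 0 and user != "root":
            findings.append((no, user, "UID 0 account other than root"))
        if pw == "":
            findings.append((no, user, "empty password field"))
        elif not _field_is_inert(pw):
            findings.append((no, user, "password hash stored in passwd"))
    return findings

# Constructed sample: a baseline file plus one appended UID 0 entry.
SAMPLE = """\
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/bin/false
igx:x:1000:1000:limited shell user:/home/igx:/bin/false
svc2:$1$constructed$placeholderhashvalue00:0:0::/root:/bin/sh
"""

if __name__ == "__main__":
    # Pass a path to audit a real file; with no argument the sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for no, user, finding in audit_passwd(text):
        print(f"line {no}: {user}: {finding}")
```

Comparing the file against a known-good copy from the firmware image complements this check, since a replaced file can also alter existing entries without adding a new one.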

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "IIoT Gateway (IGX)",
    "vendor": "Skylab",
    "versions": [
      {
        "status": "affected",
        "version": "1.2.12"
      }
    ]
  }
]
