CVE-2024-4163 – The Skylab IGX IIoT Gateway allowed users to connect to it via a limited shell terminal …

26 April 2024

Vuln ID: CVE-2024-4163

Published: 2024-04-26 03:15:06.740

Description: The Skylab IGX IIoT Gateway allowed users to connect to it via a limited shell terminal (IGX). However, it was discovered that the process was running under root privileges. This allowed the attacker to read, write, and modify any file in the operating system by utilizing the limited shell file exec and download functions. By replacing the /etc/passwd file with a new root user entry, the attacker was able to breakout from the limited shell and login to a unrestricted shell with root access. With the root access, the attacker will be able take full control of the IIoT Gateway.

Base Score: 8 – HIGH

Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Source: NVD.NIST.GOV

Date:

26 April 2024

Categorie(s):

NVD

Tag(s):

NVD

Cops finally unmask ‘LockBit kingpin’ after two-month tease7 May 2024
How Amazon Security Lake is helping customers simplify security data management for proactive threat analysis7 May 2024
Detect and Destroy Cyber Threats with Red Piranha7 May 2024
Grant Shapps says it will ‘take some time’ to conclude who was to blame for cyber-attack on armed forces payroll – UK politics live7 May 2024
#RSAC: Log4J Still Among Top Exploited Vulnerabilities, Cato Finds7 May 2024