Remote code execution in Dell EMC Data Domain

Published: 2017-12-20 00:00:00
Severity High
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2017-14385
CVSSv3 8.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CWE ID CWE-119
Exploitation vector Network
Public exploit Not available
Vulnerable software EMC Data Domain
Vulnerable software versions EMC Data Domain 6.1
EMC Data Domain 6.0.2
EMC Data Domain 6.0.1
Show more
Vendor URL EMC Corporation

Security Advisory

1) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can send specially crafted SMB1 data, trigger memory corruption in the SMB1 handler, completely shut down both the SMB service and active directory authentication and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 5.7.5.6; 6.0.2.9, 6.1.0.21.

External links

http://seclists.org/fulldisclosure/2017/Dec/79

Back to List