Improper Privilege Management in SpamTitan - CVE-2020-24045
Published: September 17, 2020 / Updated: January 4, 2021
Vulnerability identifier: #VU49245
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2020-24045
CWE-ID: CWE-269
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
SpamTitan
SpamTitan
Software vendor:
TitanHQ
TitanHQ
Description
The vulnerability allows a remote administrator to escalate privileges on the system.
The vulnerability exists due to improper privilege management. A remote administrator can bypass sandbox restrictions by presenting a fake vmware-tools ISO image to the guest virtual machine running SpamTitan Gateway. The fake ISO image will be mounted and the script wmware-install.pl will be executed with super-user privileges as soon as the hidden option to install VMware Tools is selected in the main menu of the restricted shell (option number 5).
Remediation
Install updates from vendor's website.