Privilage Escalation in Meinberg products - CVE-2016-3989
Published: June 29, 2016 / Updated: November 22, 2018
Vulnerability identifier: #VU57
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: CVE-2016-3989
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vendor: Meinberg
Affected software:
IMS-LANTIME M1000
IMS-LANTIME M500
LANTIME M900
LANTIME M600
LANTIME M400
LANTIME M200
LANTIME M100
SyncFire 1100
LCES
IMS-LANTIME M1000
IMS-LANTIME M500
LANTIME M900
LANTIME M600
LANTIME M400
LANTIME M200
LANTIME M100
SyncFire 1100
LCES
Detailed vulnerability description
The vulnerability allows a remote attacker to execute privilage escalation.
The vulnerability exists due to weak access controls, that allow for privilege escalation from “nobody” to “root” user. “nobody” has permissions to alter script that can only run as “root.”
Successful exploitation of this vulnerability may result in escalation to root privileges.
The vulnerability exists due to weak access controls, that allow for privilege escalation from “nobody” to “root” user. “nobody” has permissions to alter script that can only run as “root.”
Successful exploitation of this vulnerability may result in escalation to root privileges.
How to mitigate CVE-2016-3989
Meinberg has produced a new firmware Version 6.20.004.