CVE-2024-6714

External Control of File Name or Path (CWE-73)

Published: Jul 23, 2024 / Updated: 3mo ago

CVSS 8.8 (High) / EPSS 0.05%

Summary

An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege.

Impact

This vulnerability enables a local attacker to escalate their privileges, potentially gaining full control over the affected system. The impact is severe, as it affects confidentiality, integrity, and availability of the system. An attacker could access sensitive information, modify system files, or disrupt system operations. The CVSS v3.1 base score is 8.8 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H, indicating high impacts on confidentiality, integrity, and availability.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation at the moment.

Patch

A patch is available. The vulnerability is fixed in provd version 0.1.5 and later.

Mitigation

1. Update provd to version 0.1.5 or later as soon as possible.
2. If immediate patching is not possible, consider temporarily revoking setuid privileges from the affected binary.
3. Monitor and restrict local access to systems running vulnerable versions of provd.
4. Implement the principle of least privilege to minimize the potential impact of successful exploits.
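
A triage helper for steps 1 and 2 above, as an added example that is not part of the original advisory or of provd itself. It classifies a host from the installed provd version and the setuid bit on the binary; the binary path is a placeholder because the advisory does not name it, and the version passed in is assumed to be the upstream version string.

```shell
#!/bin/sh
# Added example: classify a host's exposure to CVE-2024-6714.
FIXED_VERSION="0.1.5"   # first fixed provd release, per the advisory

# version_lt A B: succeeds when version A sorts strictly before version B.
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# has_setuid PATH: succeeds when PATH is a regular file with the setuid bit set.
has_setuid() {
    [ -f "$1" ] && [ -u "$1" ]
}

# provd_exposure VERSION BINARY_PATH
# Prints one of:
#   patched    version is 0.1.5 or later
#   exposed    vulnerable version and the binary is still setuid
#   mitigated  vulnerable version, setuid bit already removed
provd_exposure() {
    if ! version_lt "$1" "$FIXED_VERSION"; then
        echo "patched"
    elif has_setuid "$2"; then
        echo "exposed"
    else
        echo "mitigated"
    fi
}

# revoke_setuid PATH: temporary mitigation; clears only the setuid bit and
# leaves owner, group and the remaining mode bits untouched.
revoke_setuid() {
    has_setuid "$1" && chmod u-s "$1"
}

# Usage on a Debian/Ubuntu host (path is a placeholder, not from the advisory):
#   provd_exposure "$(dpkg-query -W -f='${Version}' provd)" /path/to/provd-setuid-binary
```

Removing the setuid bit may break whatever provd functionality depends on it, and a package reinstall can restore the bit, so re-run the check after any package operation until the update is applied.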

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Timeline

CVE Assignment: NVD published the first details for CVE-2024-6714. (Jul 23, 2024 at 4:15 PM)
CVSS: A CVSS base score of 8.8 has been assigned. (Jul 23, 2024 at 4:20 PM / nvd)
First Article: Feedly found the first article mentioning CVE-2024-6714. (Jul 23, 2024 at 4:24 PM / National Vulnerability Database)
CVSS Estimate: Feedly estimated the CVSS score as MEDIUM. (Jul 23, 2024 at 4:24 PM)
Trending: This CVE started to trend in security discussions. (Jul 24, 2024 at 3:22 AM)
Detection in Vulnerability Scanners: Detection for the vulnerability has been added to Qualys (200529). (Jul 24, 2024 at 7:53 AM)
EPSS: EPSS Score was set to: 0.05% (Percentile: 16.1%). (Jul 24, 2024 at 9:39 AM)
Trending: This CVE stopped trending in security discussions. (Jul 26, 2024 at 1:10 PM)

Affected Systems

Apache

Links to Mitre Att&cks

T1562.003: Impair Command History Logging

Attack Patterns

CAPEC-13: Subverting Environment Variable Values

News

Page 2: A look inside the container | heise online
CISA's own methodology, which is completely new in the context of CVE entries, comes into play for rapid pre-selection: the so-called Stakeholder-Specific Vulnerability Categorization (SSVC). KEV references are nothing completely new in the field of CVE entries, but have been an integral part of the NVD supplementary information researched by NIST for some time, just like CVSS, CWE and CPE.
Update Sat Aug 17 14:31:27 UTC 2024
Vulnerability Summary for the Week of July 22, 2024
Vulnerability Summary for the Week of July 22, 2024 bjackson Jul 29, 2024 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 202ecommerce--paypal In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disabled webhooks can be exploited to create an accepted order. This could allow a threat actor to confirm an order with a fraudulent payment support. Versions 6.4.2 and 3.18.1 contain a patch for the issue. Additionally, users enable webhooks and check they are callable. 2024-07-26 7.5 CVE-2024-41670 security-advisories@github.com ABB--Advant MOD 300 AdvaBuild AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables. Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2. 2024-07-23 8.8 CVE-2020-11640 cybersecurity@ch.abb.com ABB--Advant MOD 300 AdvaBuild An attacker could exploit the vulnerability by injecting garbage data or specially crafted data.
Python-zipp, Provd, OSC, phpCAS, Poppler updates for Ubuntu
A remote attacker could possibly use this issue to gain access OCS Inventory was vulnerable to an authentication bypass if the
Security: Execution of code with elevated privileges in provd (Ubuntu)
Name: Execution of code with elevated privileges in provd ID: USN-6912-1 Distribution: Ubuntu Platforms: Ubuntu 24.04 LTS Date: Wed, 24. Security: Execution of code with elevated privileges in provd

CVSS V3.1

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability Impact: High
