Exploit
CVE-2024-9324

Improper Control of Generation of Code ('Code Injection') (CWE-94)

Published: Sep 29, 2024 / Updated: 51d ago

CVSS 5.3 / EPSS 0.05% / Medium

Summary

A critical vulnerability has been discovered in Intelbras InControl versions up to 2.21.57. The vulnerability affects the /v1/operador/ file of the Relatório de Operadores Page component. It allows for code injection through the manipulation of argument fields. This is a remotely exploitable vulnerability that requires low attack complexity and low privileges.

Impact

The potential impact of this vulnerability is severe. It has been rated as critical with a CVSS v3.1 base score of 8.8 out of 10. The vulnerability affects all three key aspects of security:

1. Confidentiality: High impact - unauthorized access to sensitive information is possible.
2. Integrity: High impact - data integrity could be compromised, allowing attackers to modify information.
3. Availability: High impact - system availability could be disrupted.

Given that the exploit has been publicly disclosed, there is an increased risk of active exploitation in the wild. This vulnerability could allow attackers to execute arbitrary code on the affected systems, potentially leading to full system compromise, data theft, or service disruption.

Exploitation

One proof-of-concept exploit is available on vuldb.com. There is no evidence of exploitation at the moment.

Patch

A patch is not currently available, but a fix is scheduled for release. Version 2.21.58, which addresses this vulnerability, was initially announced for release at the end of August 2024 but has been postponed to September 20, 2024. It is crucial to plan for immediate patching once the fixed version becomes available.

Mitigation

Until the patch is available, consider the following mitigation strategies:

1. Implement strict network segmentation to limit access to the affected systems.
2. Enhance monitoring for any suspicious activities, particularly those targeting the /v1/operador/ endpoint.
3. If possible, temporarily disable or restrict access to the Relatório de Operadores Page component.
4. Apply the principle of least privilege to limit the potential impact of successful exploitation.
5. Regularly back up critical data and systems to ensure quick recovery in case of a successful attack.
6. Stay informed about the upcoming patch release and prepare for immediate deployment when it becomes available on September 20, 2024.

Given the critical nature of this vulnerability and its public disclosure, it should be given high priority in your patching and remediation efforts. Prepare your systems and teams for rapid deployment of the patch as soon as it is released.
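The monitoring and segmentation steps in the mitigation list can be checked against web logs. The following is an added example, not Intelbras or Feedly code: it flags logged requests to /v1/operador/ that come from outside a management network or whose `fields` value is not a plain comma-separated list. The combined log format, the reading of `fields` as a query parameter, the allowlist pattern and the 10.20.0.0/24 network are assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: requests are logged by a reverse proxy in combined log format.
LOG_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
ENDPOINT = "/v1/operador/"  # path named in the advisory
# Assumption: legitimate `fields` values are plain comma-separated names.
PLAIN_FIELDS = re.compile(r"[A-Za-z0-9_.,-]*")

def review_operador_requests(lines, mgmt_nets):
    """Return one finding per logged request to ENDPOINT that needs review."""
    nets = [ipaddress.ip_network(n) for n in mgmt_nets]
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.startswith(ENDPOINT):
            continue
        reasons = []
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:  # hostname or garbage in the client field
            src = None
        if src is None or not any(src in n for n in nets):
            reasons.append("source outside management network")
        # parse_qs percent-decodes values before the allowlist check
        values = parse_qs(url.query, keep_blank_values=True).get("fields", [])
        if any(not PLAIN_FIELDS.fullmatch(v) for v in values):
            reasons.append("unexpected characters in fields argument")
        if reasons:
            findings.append({"src": m["src"], "time": m["ts"],
                             "status": int(m["status"]), "reasons": reasons})
    return findings

# Constructed sample lines (not real traffic); 203.0.113.0/24 is a documentation range.
SAMPLE_LOG = [
    '10.20.0.15 - op1 [07/Oct/2024:16:10:02 +0000] "GET /v1/operador/?fields=nome,email HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.44 - op2 [07/Oct/2024:19:11:40 +0000] "GET /v1/operador/?fields=nome HTTP/1.1" 200 498 "-" "curl/8.5.0"',
    '10.20.0.15 - op1 [07/Oct/2024:19:12:05 +0000] "GET /v1/operador/?fields=nome%28%29 HTTP/1.1" 500 120 "-" "Mozilla/5.0"',
    '10.20.0.15 - op1 [07/Oct/2024:19:13:00 +0000] "GET /v1/relatorio/?fields=x%28%29 HTTP/1.1" 200 80 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in review_operador_requests(SAMPLE_LOG, ["10.20.0.0/24"]):
        print(f["time"], f["src"], f["status"], "; ".join(f["reasons"]))
```

Tighten `PLAIN_FIELDS` to the field names the report actually uses once those are known, so the allowlist reflects real traffic rather than the assumed pattern.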

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

Sep 29, 2024 at 7:12 AM / CVE: First Article. Feedly found the first article mentioning CVE-2024-9324.
Sep 29, 2024 at 7:12 AM: CVSS Estimate. Feedly estimated the CVSS score as HIGH.
Sep 29, 2024 at 7:15 AM: CVE Assignment. NVD published the first details for CVE-2024-9324.
Sep 29, 2024 at 7:20 AM / nvd: CVSS. A CVSS base score of 6.3 has been assigned.
Sep 30, 2024 at 9:35 AM: EPSS. EPSS Score was set to: 0.05% (Percentile: 16.3%).
Oct 7, 2024 at 4:10 PM / nvd: CVSS. A CVSS base score of 8.8 has been assigned.
Oct 7, 2024 at 7:11 PM: Proof of Concept (PoC) Released. A proof of concept exploit has been released.

Affected Systems

Intelbras/incontrol_web

Exploits

https://vuldb.com/?submit.375614

Links to MITRE ATT&CK

T1562.003: Impair Command History Logging

Attack Patterns

CAPEC-242: Code Injection

News

CVE-2024-9324 Exploit
CVE Id: CVE-2024-9324. Published Date: 2024-10-07T16:05:00+00:00. A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical. Affected by this issue is some unknown functionality of the file /v1/operador/ of the component Relatório de Operadores Page. The manipulation of the argument fields leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was informed early on 2024-07-19 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.
CVE Alert: CVE-2024-9324 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9324/ #OSINT #ThreatIntel #CyberSecurity #cve_2024_9324
CVE-2024-9324
Medium Severity. Description: A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical. Affected by this issue is some unknown functionality of the file /v1/operador/ of the component Relatório de Operadores Page. The manipulation of the argument fields leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was informed early on 2024-07-19 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20. Read more at https://www.tenable.com/cve/CVE-2024-9324

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
