CVE-2024-32019
ndsudo: local privilege escalation via untrusted search path
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Netdata is an open source observability tool. In affected versions the `ndsudo` tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The `ndsudo` tool is packaged as a `root`-owned executable with the SUID bit set. It only runs a restricted set of external commands, but its search paths are supplied by the `PATH` environment variable. This allows an attacker to control where `ndsudo` looks for these commands, which may be a path the attacker has write access to. This may lead to local privilege escalation. This vulnerability has been addressed in versions 1.45.3 and 1.45.2-169. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Netdata es una herramienta de observabilidad de código abierto. En las versiones afectadas, la herramienta `ndsudo` incluida con las versiones afectadas del Netdata Agent permite a un atacante ejecutar programas arbitrarios con permisos de root. La herramienta `ndsudo` está empaquetada como un ejecutable propiedad de `root` con el bit SUID configurado. Solo ejecuta un conjunto restringido de comandos externos, pero sus rutas de búsqueda las proporciona la variable de entorno `PATH`. Esto permite a un atacante controlar dónde busca `ndsudo` estos comandos, que puede ser una ruta a la que el atacante tiene acceso de escritura. Esto puede conducir a una escalada de privilegios locales. Esta vulnerabilidad se ha solucionado en las versiones 1.45.3 y 1.45.2-169. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-04-09 CVE Reserved
- 2024-04-12 CVE Published
- 2024-04-13 EPSS Updated
- 2024-09-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-426: Untrusted Search Path
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://github.com/netdata/netdata/pull/17377 | X_refsource_misc | |
https://github.com/netdata/netdata/security/advisories/GHSA-pmhq-4cxq-wj93 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Netdata Search vendor "Netdata" | Netdata Search vendor "Netdata" for product "Netdata" | >= 1.45.0 < 1.45.3 Search vendor "Netdata" for product "Netdata" and version " >= 1.45.0 < 1.45.3" | en |
Affected
| ||||||
Netdata Search vendor "Netdata" | Netdata Search vendor "Netdata" for product "Netdata" | >= 1.44.0 < 1.45.0 Search vendor "Netdata" for product "Netdata" and version " >= 1.44.0 < 1.45.0" | en |
Affected
|