Issue Date: 2021-09-09
CVE(s): Nmap Mechanics – CVE-2021-41316 | SNMP – CVE-2021-41315
Synopsis: Device42 updates address security vulnerabilities
Author: Kayse Horton
On 07 September 2021, we released version 17.05.01 for download. This version contains critical vulnerability fixes that were recently detected and addressed in this version. There are two CVEs that reference Device42, and the details of the issues follow below.
- Impacted Areas
- Device42 Nmap scanning
- Device42 SNMP connectivity utility
- Introduction
- Vunerabilities within the Device42 discovery service were privately reported to Device42. The patched version is available at https//www.device42.com/update.
Writing and executing with additional Nmap mechanics (CVE-2021-41316)
Description
Nmap scans which allowed access to additional nmap mechanics like writing files and executing scripts.
Known Attack Vectors
A malicious actor without appropriate access could write to files and execute scripts.
Resolution
To remediate, any versions prior to 17.05.01 need to upgrade to the version linked above.
Workarounds
None.
Additional Documentation
None.
Acknowledgements
Device42 would like to thank our customer’s security team for reporting this vulnerability to us.
Privilege escalation in SNMP connectivity utility (CVE-2021-41315)
Description
Privilege escalation issue which allowed SNMP connectivity utility to run a root and allowing netcat install to send a shell to a remote listener.
Known Attack Vectors
A malicious actor could escalate permissions to run as root or send a shell to a remote listener.
Resolution
To remediate, any versions prior to 17.05.01 need to upgrade to the version linked above.
Workarounds
None.
Additional Documentation
None.
Acknowledgements
Device42 would like to thank our customer’s security team for reporting this vulnerability to us.
