Sangoma · Asterisk · CVE-2024-42365
**Name of the Vulnerable Software and Affected Versions**
Asterisk versions prior to 18.24.2
Asterisk versions prior to 20.9.2
Asterisk versions prior to 21.4.2
Certified-Asterisk versions prior to 18.9-cert11
Certified-Asterisk versions prior to 20.7-cert2
**Description**
The issue is caused by insufficient access control in Asterisk, which a remote attacker can exploit to escalate privileges. An AMI user with `write=originate` permission can change all configuration files in the `/etc/asterisk/` directory, either by using curl to fetch remote files and write them to disk, or by appending to existing files using the `FILE` function inside the `SET` application. This may result in privilege escalation, remote code execution, and/or blind server-side request forgery over an arbitrary protocol.
**Recommendations**
For Asterisk versions prior to 18.24.2, update to version 18.24.2 or later.
For Asterisk versions prior to 20.9.2, update to version 20.9.2 or later.
For Asterisk versions prior to 21.4.2, update to version 21.4.2 or later.
For Certified-Asterisk versions prior to 18.9-cert11, update to version 18.9-cert11 or later.
For Certified-Asterisk versions prior to 20.7-cert2, update to version 20.7-cert2 or later.
As a temporary workaround, consider restricting the `write=originate` permission for AMI users until a patch is applied.
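To apply the workaround you first need to know which AMI accounts hold the permission. The following is an added example, not code from the advisory or the Asterisk project: it audits the text of a `manager.conf` and lists users whose `write` line grants `originate`, either directly, through `all`, or through a template. It assumes a single file without `#include` and one level of template inheritance; the sample configuration and all account names are constructed.

```python
import re

# Constructed sample manager.conf (not taken from any real system).
SAMPLE_CONF = """\
[general]
[dialer-template](!)
write = call,originate
[monitor]
write = system
[clicktocall]
write = call , Originate    ; explicit grant
[ops]
write => all                ; 'all' includes originate
[dialer1](dialer-template)
secret = changeme
"""
HEADER = re.compile(r"^\[([^\]]+)\](?:\(([^)]*)\))?")

def users_with_originate(conf_text):
    """Return sorted AMI users whose effective write classes include originate."""
    write, parents, templates, current = {}, {}, set(), None
    for raw in conf_text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop ';' comments
        m = HEADER.match(line)
        if m:
            current = m.group(1).strip()
            opts = [o.strip() for o in (m.group(2) or "").split(",") if o.strip()]
            if "!" in opts:
                templates.add(current)        # '(!)' marks a template, not a login
            parents[current] = [o for o in opts if o not in ("!", "+")]
        elif current and "=" in line:
            key, value = line.split("=", 1)
            if key.strip().lower() == "write":
                value = value.lstrip(">")     # Asterisk also accepts 'key => value'
                write[current] = {c.strip().lower() for c in value.split(",")}
    flagged = []
    for user in parents:
        if user == "general" or user in templates:
            continue
        # Own write line wins; otherwise fall back to the first parent template's.
        classes = write.get(user)
        if classes is None:
            classes = next((write[p] for p in parents[user] if p in write), set())
        if classes & {"originate", "all"}:
            flagged.append(user)
    return sorted(flagged)

if __name__ == "__main__":
    print(users_with_originate(SAMPLE_CONF))
```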