PT-2022-11224 · Otris · Otris Update Manager

Shadi Habbal

Published

2022-03-07

Updated

2022-03-16

CVE-2021-40376

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions otris Update Manager version 1.2.1.0

Description The issue allows local users to gain SYSTEM access through unauthenticated calls to exposed interfaces over a .NET named pipe. It is also possible that a remote attack could be conducted by leveraging WsHTTPBinding for HTTP traffic on TCP port 9000.

Recommendations For otris Update Manager version 1.2.1.0, consider restricting access to the exposed interfaces over the .NET named pipe and limiting HTTP traffic on TCP port 9000 to prevent potential exploitation. As a temporary workaround, restrict access to the WsHTTPBinding interface until a patch is available.

Exploit

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2021-40376

Affected Products

Otris Update Manager

PT-2022-11224 · Otris · Otris Update Manager

CVE-2021-40376

Weakness Enumeration

Related Identifiers

Affected Products

References · 5