This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
A vulnerability in Sudo, open-source software used within HP’s Aruba AirWave management platform, can enable any unprivileged and unauthorized local user to acquire root privileges on a vulnerable host, as warned by Hewlett Packard Enterprise (HPE).
According to a recent HPE security advisory, the Sudo vulnerability may be part of a “chained attack.” An attacker gains a foothold with fewer rights via another flaw and then exploits this to escalate privileges.
The Aruba AirWave management platform for wired and wireless infrastructures is HPE’s real-time monitoring and security warning system. In January, researchers at Qualys discovered the Sudo issue (CVE-2021-3156) and think it affects millions of endpoint devices and systems.
According to the Sudo license, Sudo is software used by various platforms that allows a system admin to distribute power to give particular users (or groups of users) the ability to perform certain (or all) commands as root or another user.”
Mehul Revankar, Qualys’ VP of Product Management and Engineering, defined the Sudo bug as “perhaps the most significant Sudo vulnerability in recent memory (both in terms of scope and impact) and has been hiding in plain sight for nearly 10 years” in a research note at the time it was discovered.
For HPE, the company officially reported the issue last week, stating that it impacted the AirWave management platform prior to version 8.2.13.0, released on June 18, 2021.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: HPE: Sudo Flaw Grants Attackers Root Privileges to Aruba Platform