CVE-2024-32656

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Apr 22, 2024
CWE ID 862

Summary

CVE-2024-32656 is a local privilege escalation vulnerability found in Ant Media Server versions 2.6.0 through 2.8.2. This vulnerability allows any unprivileged operating system user to gain root user privileges on the system. It occurs due to Ant Media Server running with Java Management Extensions (JMX) enabled and authentication disabled on localhost on port 5599/TCP. An attacker can exploit this vulnerability by connecting to the JMX service and loading a remote MBean from an attacker-controlled server, allowing them to execute arbitrary code within the Java process of Ant Media Server and gain access to the antmedia service account on the system. The issue has been patched in version 2.9.0, but as a workaround, users can disable JMX or enable authentication for JMX access to mitigate the risk. This vulnerability poses a high risk to organizations as it can lead to unauthorized privilege escalation and potential compromise of sensitive data or systems.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-32656 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options