CVE-2024-42365
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-42365 is a vulnerability in Asterisk, an open-source PBX and telephony toolkit. In Asterisk versions before 18.24.2, 20.9.2, and 21.4.2, and certified-asterisk versions before 18.9-cert11 and 20.7-cert2, an AMI user holding the `write=originate` permission can modify configuration files in the `/etc/asterisk/` directory. The flaw arises because such a user can fetch remote files with curl and write them to disk, and can also append to existing files through the `FILE` function inside the `SET` application. The impact is severe: privilege escalation, remote code execution, and blind server-side request forgery with an arbitrary protocol. Asterisk 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk 18.9-cert11 and 20.7-cert2 contain the fix.
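Two checks a defender would run to scope exposure to this CVE, as an added example (not code from Recorded Future, Sangoma or the Asterisk project): whether a version string predates the fixed release for its branch, and which accounts in `manager.conf` hold the `write=originate` permission the flaw requires (granted directly or via the catch-all `all`). The `manager.conf` sample is constructed; the account names and secrets in it are placeholders.

```python
"""Scope CVE-2024-42365 exposure: version check plus AMI-account review."""
import re

# Fixed releases named in the advisory, keyed by branch.
FIXED = {"18": (18, 24, 2), "20": (20, 9, 2), "21": (21, 4, 2)}
FIXED_CERT = {"18.9": 11, "20.7": 2}  # certified-asterisk: branch -> cert number


def is_vulnerable(version):
    """True if `version` predates the fix for its branch, False if fixed,
    None if the branch is not one the advisory lists (e.g. 19.x, 22.x)."""
    m = re.fullmatch(r"(\d+)\.(\d+)-cert(\d+)", version)
    if m:  # certified-asterisk, e.g. 18.9-cert10
        branch = f"{m.group(1)}.{m.group(2)}"
        return None if branch not in FIXED_CERT else int(m.group(3)) < FIXED_CERT[branch]
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised Asterisk version: {version!r}")
    fixed = FIXED.get(m.group(1))
    return None if fixed is None else tuple(int(x) for x in m.groups()) < fixed


def originate_users(manager_conf):
    """Sorted names of AMI accounts whose `write` line includes originate or all.
    Handles ';' comments and both 'key = value' and 'key => value' forms."""
    perms, section = {}, None
    for raw in manager_conf.splitlines():
        line = raw.split(";", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section and section != "general" and "=" in line:
            key, value = (s.strip() for s in line.replace("=>", "=").split("=", 1))
            if key == "write":
                perms[section] = {p.strip() for p in value.split(",")}
    return sorted(u for u, p in perms.items() if p & {"originate", "all"})


# Constructed manager.conf; placeholder accounts, not from any real deployment.
SAMPLE_MANAGER_CONF = """\
[general]
enabled = yes
bindaddr = 127.0.0.1

[monitor]            ; read-only dashboard account, not in scope
secret = PLACEHOLDER
read = system,call,log
write =

[dialer]
secret = PLACEHOLDER
read = call
write => call,originate   ; can issue Originate: in scope for this CVE

[admin]
secret = PLACEHOLDER
read = all
write = all               ; 'all' includes originate
"""
```

Run `originate_users(SAMPLE_MANAGER_CONF)` alongside `is_vulnerable("<your version>")`; any account it lists on an unpatched host is one whose credentials warrant review until the fix is applied.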
Affected Products
- PBX
- Asterisk
Affected Vendors
- Sangoma Technologies