Geeks for your information

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform
Quote: Hewlett Packard Enterprise (HPE) is warning a vulnerability in Sudo, an open-source program used within its Aruba AirWave management platform, could allow any unprivileged and unauthenticated local user to gain root privileges on a vulnerable host.
 
Rated high in severity, HPE warns the Sudo flaw could be part of a “chained attack” where an “attacker has achieved a foothold with lower privileges via another vulnerability and then uses this to escalate privileges,” according to a recent HPE security bulletin.
 
The Aruba AirWave management platform is HPE’s real-time monitoring and security alert system for wired and wireless infrastructures. The Sudo bug (CVE-2021-3156) was reported in January by Qualys researchers and is believed to impact millions of endpoint devices and systems.

Sudo is a program used by other platforms that “allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user,” according to the Sudo license.

Read more: HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform