CVE-2023-3972

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 1, 2023
Updated: Jul 3, 2024
CWE ID 379
CWE ID 668

Summary

CVE-2023-3972: A vulnerability was discovered in the insights-client software. This issue allows an unprivileged user or attacker to create a directory (/var/tmp/insights-client) with dangerous permissions before the insights-client is registered by the root user. Once registered, the attacker can manipulate the directory's content, placing malicious scripts that will be executed as root, bypassing SELinux protections. This vulnerability stems from insecure file operations and unsafe handling of temporary files and directories, leading to local privilege escalation.
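The precondition described above is the classic CWE-379 pattern: a privileged process later trusts a fixed-name directory under a world-writable location (/var/tmp) that an unprivileged user could have created first. The following is an added illustration, not code from insights-client or Red Hat, of how a privileged process can create-or-verify such a directory defensively: create it with a private mode, and if it already exists, refuse to use it unless it is a real directory (not a symlink), owned by the expected uid, and not group- or world-writable. The `demo()` function runs the three cases (fresh create, safe reuse, pre-planted directory, planted symlink) inside a scratch directory it constructs itself rather than touching the real /var/tmp path.

```python
import os
import stat
import tempfile


class UnsafeDirectoryError(Exception):
    """Raised when a fixed-name directory cannot be trusted."""


def check_dir(path, expected_uid):
    """Return a list of problems with an existing directory (empty list = safe)."""
    problems = []
    st = os.lstat(path)  # lstat: never follow a symlink planted at the path
    if stat.S_ISLNK(st.st_mode):
        return ["path is a symbolic link"]
    if not stat.S_ISDIR(st.st_mode):
        return ["path is not a directory"]
    if st.st_uid != expected_uid:
        problems.append(f"owned by uid {st.st_uid}, expected {expected_uid}")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append(f"group/world writable: mode {stat.S_IMODE(st.st_mode):04o}")
    return problems


def ensure_private_dir(path, expected_uid=None):
    """Create PATH as a private (0700) directory, or verify an existing one.

    Returns 'created' or 'verified'; raises UnsafeDirectoryError if the
    pre-existing path cannot be trusted.
    """
    if expected_uid is None:
        expected_uid = os.geteuid()
    try:
        # A requested mode of 0o700 can only be narrowed by umask, never
        # widened, so no follow-up chmod (which could race or follow a
        # symlink) is needed.
        os.mkdir(path, 0o700)
        return "created"
    except FileExistsError:
        pass  # somebody (maybe an unprivileged user) got there first: inspect it
    problems = check_dir(path, expected_uid)
    if problems:
        raise UnsafeDirectoryError(f"refusing to use {path}: " + "; ".join(problems))
    return "verified"


def demo():
    """Exercise the cases in a constructed scratch directory; returns outcomes."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        fresh = os.path.join(base, "insights-client")
        results["fresh"] = ensure_private_dir(fresh)   # first run creates it
        results["reuse"] = ensure_private_dir(fresh)   # second run verifies it

        # Simulated precondition: a world-writable directory pre-created at the
        # expected name before the privileged process ran.
        planted = os.path.join(base, "planted")
        os.mkdir(planted, 0o777)
        os.chmod(planted, 0o777)  # override umask so the outcome is deterministic
        try:
            ensure_private_dir(planted)
            results["planted"] = "accepted"
        except UnsafeDirectoryError:
            results["planted"] = "rejected"

        # Simulated precondition: a symlink planted at the expected name.
        link = os.path.join(base, "link")
        os.symlink(base, link)
        try:
            ensure_private_dir(link)
            results["symlink"] = "accepted"
        except UnsafeDirectoryError:
            results["symlink"] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```

The ownership and mode checks are done with `os.lstat` on the path itself rather than by trusting the name; a stronger fix for a privileged service is to avoid a predictable name in a shared temporary location altogether (for example `tempfile.mkdtemp` under a root-owned directory), so that no unprivileged user can pre-create the path in the first place.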



Affected Products

  • Red Hat Enterprise Linux
  • Redhat Enterprise Linux For Ibm Z Systems
  • RedHat Enterprise Linux Server

Affected Vendors

  • Red Hat