CVE-2024-4163
CVSS 3.1 Score 8.3 of 10 (high)
Details
Published Apr 26, 2024
Updated: Jul 3, 2024
CWE ID 77
Summary
CVE-2024-4163 is a vulnerability affecting the Skylab IGX IIoT Gateway. The issue lies in the limited shell terminal (IGX) which runs under root privileges, allowing unauthorized users to connect. Through the use of the file exec and download functions, attackers can manipulate files, including the /etc/passwd file. By replacing this file with a new root user entry, attackers can gain unrestricted shell access and ultimately take control of the entire IIoT Gateway.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- RaspAP
Affected Vendors
- Raspap
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
Note: This is just a basic overview providing quick insights into CVE-2024-4163 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions