Skip to main content

Nature of Vulnerability:

  • Type: Path Traversal Vulnerability (CVE-2023-50916)
  • Impact: Allows attackers logged onto the network to manipulate the backup database path.
  • Exploitation: Attackers can authenticate the path, potentially gaining access to hashed Active Directory credentials.

Exploitation Details:

  • Requirement: Attacker needs network access.
  • Vulnerability Description: Attackers alter the backup database path through manipulation.
  • Safeguard Bypass: Kyocera had a safeguard, but it could be bypassed via web interception proxies or direct requests to the application endpoint.
  • Authentication Information: Depending on IT settings, the authentication message might contain hashed Active Directory credentials (NTLM hashes), especially if NTLM traffic restriction policies are not enabled for remote servers.

Response:

  • Patch Release: Kyocera addressed the vulnerability by releasing a patch in late December.
  • Initial Disclosure: Trustwave researchers initially disclosed the flaw in a blog post.

If you like something I've posted please feel free to click the "like" button!

Original Post

Add Reply

Post
×
×
×
×
Link copied to your clipboard.
×
×