CVE-2024-9166 - Vulnerability Details - OpenCVE

The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Atelmo	Atemio Am 520 Hd Firmware

No data.

No data.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-03

History

Thu, 26 Sep 2024 19:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Atelmo Atelmo atemio Am 520 Hd Firmware
CPEs		cpe:2.3:o:atelmo:atemio_am_520_hd_firmware::::::::
Vendors & Products		Atelmo Atelmo atemio Am 520 Hd Firmware
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 26 Sep 2024 17:15:00 +0000

Type	Values Removed	Values Added
Description		The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access.
Title		OS Command Injection in Atelmo Atemio AM 520 HD Full HD Satellite Receiver
Weaknesses		CWE-78
References		https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-03
Metrics		cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2024-09-26T16:55:51.242Z

Updated: 2024-09-26T18:23:52.328Z

Reserved: 2024-09-24T19:19:58.951Z

Link: CVE-2024-9166

Vulnrichment

Updated: 2024-09-26T17:54:57.622Z

NVD

Status : Awaiting Analysis

Published: 2024-09-26T17:15:04.460

Modified: 2024-09-30T12:46:20.237

Link: CVE-2024-9166

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9166", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2024-09-24T19:19:58.951Z", "datePublished": "2024-09-26T16:55:51.242Z", "dateUpdated": "2024-09-26T18:23:52.328Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Atemio AM 520 HD Full HD Satellite Receiver", "vendor": "Atelmo", "versions": [{"lessThanOrEqual": "TitanNit 2.01", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "CISA discovered a public Proof of Concept (PoC) as authored by Gjoko Krstic and reported it to Atelmo."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access.</p><br>"}], "value": "The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-09-26T16:55:51.242Z"}, "references": [{"tags": ["government-resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-03"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Atelmo has stated that this product has been discontinued. There are no service or support addresses that can be contacted.</p><p>For more information, contact <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.atelmo.com/epages/Atelmo.sf/de_DE/?ObjectPath=/Shops/Atelmo/Categories/Service/Kontakt\">Atelmo</a>.</p>\n\n<br>"}], "value": "Atelmo has stated that this product has been discontinued. There are no service or support addresses that can be contacted.\n\nFor more information, contact Atelmo https://www.atelmo.com/epages/Atelmo.sf/de_DE/ ."}], "source": {"discovery": "UNKNOWN"}, "title": "OS Command Injection in Atelmo Atemio AM 520 HD Full HD Satellite Receiver", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "atelmo", "product": "atemio_am_520_hd_firmware", "cpes": ["cpe:2.3:o:atelmo:atemio_am_520_hd_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "titannit_2.01", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-26T17:45:19.138785Z", "id": "CVE-2024-9166", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T18:23:52.328Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9166", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2024-09-24T19:19:58.951Z", "datePublished": "2024-09-26T16:55:51.242Z", "dateUpdated": "2024-09-26T18:23:52.328Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Atemio AM 520 HD Full HD Satellite Receiver", "vendor": "Atelmo", "versions": [{"lessThanOrEqual": "TitanNit 2.01", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "CISA discovered a public Proof of Concept (PoC) as authored by Gjoko Krstic and reported it to Atelmo."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access.</p><br>"}], "value": "The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-09-26T16:55:51.242Z"}, "references": [{"tags": ["government-resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-03"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Atelmo has stated that this product has been discontinued. There are no service or support addresses that can be contacted.</p><p>For more information, contact <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.atelmo.com/epages/Atelmo.sf/de_DE/?ObjectPath=/Shops/Atelmo/Categories/Service/Kontakt\">Atelmo</a>.</p>\n\n<br>"}], "value": "Atelmo has stated that this product has been discontinued. There are no service or support addresses that can be contacted.\n\nFor more information, contact Atelmo https://www.atelmo.com/epages/Atelmo.sf/de_DE/ ."}], "source": {"discovery": "UNKNOWN"}, "title": "OS Command Injection in Atelmo Atemio AM 520 HD Full HD Satellite Receiver", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-9166", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-26T17:45:19.138785Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:atelmo:atemio_am_520_hd_firmware:*:*:*:*:*:*:*:*"], "vendor": "atelmo", "product": "atemio_am_520_hd_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "titannit_2.01"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T17:54:57.622Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access."}, {"lang": "es", "value": "El dispositivo permite que un atacante no autorizado ejecute comandos del sistema con privilegios elevados. Esta vulnerabilidad se facilita mediante el uso de la consulta 'getcommand' dentro de la aplicaci\u00f3n, lo que permite al atacante obtener acceso superusuario."}], "id": "CVE-2024-9166", "lastModified": "2024-09-30T12:46:20.237", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2024-09-26T17:15:04.460", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-270-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}