Security
Headlines
HeadlinesLatestCVEs

Headline

Microsoft Discovers New Privilege Escalation Flaws in Linux Operating System

Microsoft on Tuesday disclosed a set of two privilege escalation vulnerabilities in the Linux operating system that could potentially allow threat actors to carry out an array of nefarious activities. Collectively called “Nimbuspwn,” the flaws "can be chained together to gain root privileges on Linux systems, allowing attackers to deploy payloads, like a root backdoor, and perform other

The Hacker News
#vulnerability#microsoft#linux#js#java#backdoor#aws#i2p#The Hacker News

Privilege Escalation Flaws in Linux

Microsoft on Tuesday disclosed a set of two privilege escalation vulnerabilities in the Linux operating system that could potentially allow threat actors to carry out an array of nefarious activities.

Collectively called "Nimbuspwn," the flaws “can be chained together to gain root privileges on Linux systems, allowing attackers to deploy payloads, like a root backdoor, and perform other malicious actions via arbitrary root code execution,” Jonathan Bar Or of the Microsoft 365 Defender Research Team said in a report.

CyberSecurity

On top of that, the defects — tracked as CVE-2022-29799 and CVE-2022-29800 — could also be weaponized as a vector for root access to deploy more sophisticated threats such as ransomware.

The vulnerabilities are rooted in a systemd component called networkd-dispatcher, a daemon program for the network manager system service that’s designed to dispatch network status changes.

Privilege Escalation Flaws in Linux

Specifically, they relate to a combination of directory traversal (CVE-2022-29799), symbolic link (aka symlink) race, and time-of-check to time-of-use (CVE-2022-29800) flaws, leading to a scenario where an adversary in control of a rogue D-Bus service can plant and execute malicious backdoors on the compromised endpoints.

CyberSecurity

Users of networkd-dispatcher are highly recommended to update their instances to the latest version to mitigate potential arising out of exploiting the flaws.

“The growing number of vulnerabilities on Linux environments emphasize the need for strong monitoring of the platform’s operating system and its components,” Bar Or said.

“This constant bombardment of attacks spanning a wide range of platforms, devices, and other domains emphasizes the need for a comprehensive and proactive vulnerability management approach that can further identify and mitigate even previously unknown exploits and issues.”

Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.

Related news

Emotet Testing New Delivery Ideas After Microsoft Disables VBA Macros by Default

The threat actor behind the prolific Emotet botnet is testing new attack methods on a small scale before co-opting them into their larger volume malspam campaigns, potentially in response to Microsoft's move to disable Visual Basic for Applications (VBA) macros by default across its products. Calling the new activity a "departure" from the group's typical behavior, ProofPoint alternatively

Mastercard Launches Next-Generation Identity Technology with Microsoft

New 'trust' tool improves online experience and helps tackle digital fraud.