Claroty finds 11 vulnerabilities in Nagios
Industrial IoT security company Claroty has discovered 11 vulnerabilities affecting popular network management system Nagios that could leave users vulnerable to credential theft, phishing attacks and escalation of user permissions.
Nagios — an open-source tool for monitoring IT infrastructure for performance issues — is used by thousands of organisations worldwide.
Researchers from Claroty’s Team82 discovered vulnerabilities that can lead to remote code execution with the same privileges as an Apache user.
By chaining some of the vulnerabilities, the users were able to exploit the vulnerabilities to gain remote access to all network management systems through root privileges.
In a threat advisory, Team82 said it had commenced the research in light of the high-profile recent SolarWinds and Kaseya supply chain attacks.
Claroty is recommending all users of Nagios Core and Nagios Core Xi update their affected systems as a matter of urgency.
Network administrators should also monitor access to the network management system to limit access to privileged insiders.
Network management systems have oversight of core servers, devices and other critical components in the enterprise network. Because the systems are used to monitor servers, they also often contain many network secrets such as credentials or API tokens that would be attractive to attackers.
Image credit: ©stock.adobe.com/au/denisismagilov
A report released by Bitdefender has revealed that the majority of online consumers practice...
Claroty has formally opened its regional headquarters office in Singapore, after experiencing...
New criminal offences, tougher penalties and a mandatory reporting regime have been...