A critical vulnerability has been discovered in Automotive Grade Linux (AGL) Kooky Koi versions 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5. The vulnerability, identified as CVE-2022-24595, is an Incorrect Access Control issue in usr/bin/afb-daemon. Attackers can exploit this vulnerability without needing any credentials or user interaction, making it a high-risk security concern for affected systems.
Exploit Details
To exploit the vulnerability, an attacker must send a precisely formed HTTP or WebSocket request to the socket listened to by the afb-daemon process. This process controls essential functions within AGL's application framework. By sending a specially crafted request, an attacker can gain unauthorized access and control of essential system functions.
Here is a sample code snippet demonstrating how an attacker could craft such a request:
import json

import requests

# Placeholder endpoint: target_ip_address and port are not real values.
url = "http://target_ip_address:port/api"

# Placeholder request body; the method and parameter names are generic.
data = {
    "method": "SomeMethod",
    "params": {
        "param1": "value1"
    }
}
headers = {
    "Content-Type": "application/json"
}

# No credentials are attached to the request.
response = requests.post(url, data=json.dumps(data), headers=headers)
if response.status_code == 200:
    print("Exploit Successful")
else:
    print("Exploit Failed")
Impact
This vulnerability, if exploited, can allow an attacker to bypass intended access controls and perform unauthorized actions with unbridled access to the underlying system. As a result, potential damage includes unauthorized access to sensitive information, modifications to system configurations, and disruption of system operations.
Solution
It is strongly recommended that users of Automotive Grade Linux Kooky Koi 11.0.0 to 11.0.5 immediately update their systems to the latest version, which contains a fix for the Incorrect Access Control vulnerability. Details on how to download and apply this update can be found on the AGL website. Additionally, users should implement strong network security measures, such as firewalls and content filtering, to mitigate potential attempts at exploiting this vulnerability.
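To decide where firewall rules are needed, it helps to know which afb-daemon sockets are reachable from other hosts. The following is an added example, not AGL project code: it parses `ss -H -ltnp` output and reports afb-daemon listeners bound to anything other than loopback. The sample lines, PIDs and ports are constructed, and the availability of `ss` on the target image is an assumption.

```python
import ipaddress
import re

# Constructed sample of `ss -H -ltnp` output (not captured from a real system).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:1234 0.0.0.0:* users:(("afb-daemon",pid=512,fd=7))
LISTEN 0 128 127.0.0.1:1025 0.0.0.0:* users:(("afb-daemon",pid=530,fd=7))
LISTEN 0 128 [::1]:1026 [::]:* users:(("afb-daemon",pid=531,fd=7))
LISTEN 0 128 *:8080 *:* users:(("afb-daemon",pid=540,fd=9))
LISTEN 0 128 192.168.1.20:31001 0.0.0.0:* users:(("afb-daemon",pid=550,fd=8))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=300,fd=4))
"""


def is_loopback(host):
    """True only when the bind address is a loopback address."""
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface scope
    if host == "*":  # wildcard: bound on every interface
        return False
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unparseable address: report it rather than hide it


def exposed_listeners(ss_output, process="afb-daemon"):
    """Return (pid, host, port) for each non-loopback listener of `process`."""
    owner = re.compile(r'"%s",pid=(\d+)' % re.escape(process))
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] != "LISTEN":
            continue
        match = owner.search(" ".join(fields[5:]))
        if not match:
            continue
        host, _, port = fields[3].rpartition(":")
        if not is_loopback(host):
            findings.append((int(match.group(1)), host, int(port)))
    return findings


if __name__ == "__main__":
    for pid, host, port in exposed_listeners(SAMPLE_SS):
        print(f"afb-daemon pid {pid} reachable off-host via {host}:{port}")
```

A loopback-only binding narrows network exposure but does not replace the update, since the flaw is in afb-daemon's access control itself.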
Please treat this vulnerability as a high-priority issue and take appropriate measures to ensure the security of your systems.
Timeline
Published on: 03/18/2022 12:15:00 UTC
Last modified on: 03/28/2022 13:23:00 UTC