This issue has been addressed by removing directory traversal capabilities from the endpoint. An attacker with administrator privileges on the system can now create, delete, update, and display files outside of the configuration directory. Ironman Software recommends patching all systems as soon as possible. This issue has been addressed in v3.5.3. There are no known issues with v2.x.

Vulnerability Description

A critical vulnerability has been found in v2.x of Ironman Software's endpoint for Windows.
Ironman Software recommends patching all systems as soon as possible.

Vulnerability Discovery

Ironman Software has discovered a vulnerability with v2.x of their endpoint software. This issue could allow an attacker with administrative privileges on the system to create, delete, update, and display files outside of the configuration directory. Ironman recommends patching all systems as soon as possible.

Outbound TCP Connection

Injection Vulnerability

Ironman Software has discovered a vulnerability in the outbound TCP connection method that could allow unauthenticated attackers to inject data into any port on a vulnerable system.
The vulnerability exists because Ironman failed to restrict access to the configuration directory, allowing an attacker with administrator privileges on the system to create, delete, update, and display files outside of the configuration directory. Ironman has patched all systems as soon as possible and recommends patching all others as well. This issue has been addressed in v3.5.3. There are no known issues with v2.x.

Third-party libraries and System Vulnerabilities

Ironman Software, the company that created Ironman File System (IFS), has released a security advisory that notes that Third-party libraries and System Vulnerabilities have been addressed.
The vulnerability was resolved in v3.5.3 of the file system. A patch is available for v2.x systems.

Timeline

Published on: 11/14/2022 08:15:00 UTC
Last modified on: 11/16/2022 18:50:00 UTC