Advisory: Root privilege escalation from authenticated local console account vulnerability
Publication Date: 1 Sep 2018
Last Updated: 5 Sep 2018
We are aware of a security vulnerability where a local console account user can perform root privileged escalation.
This is a medium-severity security vulnerability as a local authenticated non-privileged console user can gain root privilege access to the gateway. If remote shell access is enabled and the console default password is not changed after deployment, a remote user can gain root access.
Affected gateway products are:
- IG 3100 model 3100, model 3101
- InnGate 3.10 E-Series
The following exploit does not affect the following gateway products:
- IG 4 Product family: IG 4100, IG 4200, IG 4210 (with Update 12, released on Feb 2017)
- SG 4 Product family: SG 4200, SG 4210, SG 4300, SG 4400 (with Update 14, release on Apr 2017)
- SSG 4 (with Update 11, release on Feb 2017)
- HG 3100 / 4100
Recommended Immediate Action
- Change default console and ftponly account passwords.
- Disable remote shell access for production systems. Only enable access when necessary.
If you need assistance to perform this, you may contact ANTlabs Technical Support at firstname.lastname@example.org.
Follow up Action
Hotfixes for InnGate 3.10 and IG 3100 are already available. Please update to the latest patches:
We will be publishing more information on our ANTlabs Advisory blog with updates to this security exploit.
ANTlabs Security Response Team