OpenCVE

Nimble Commander suffers from a privilege escalation vulnerability due to the server (info.filesmanager.Files.PrivilegedIOHelperV2) performing improper/insufficient validation of a client’s authorization before executing an operation. Consequently, it is possible to execute system-level commands as the root user, such as changing permissions and ownership, obtaining a handle (file descriptor) of an arbitrary file, and terminating processes, among other operations.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Macos
Mikekazakov	Nimble Commander

Configuration 1 [-]

AND

cpe:2.3:a:mikekazakov:nimble_commander:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://pentraze.com/vulnerability-reports/CVE-2024-7062/

History

Tue, 27 Aug 2024 14:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple macos Mikekazakov Mikekazakov nimble Commander
CPEs		cpe:2.3:a:mikekazakov:nimble_commander:::::::: cpe:2.3:o:apple:macos:-:::::::*
Vendors & Products		Apple Apple macos Mikekazakov Mikekazakov nimble Commander

MITRE

Status: PUBLISHED

Assigner: Pentraze

Published: 2024-07-26T11:26:31.720Z

Updated: 2024-08-01T21:52:30.436Z

Reserved: 2024-07-23T22:18:58.485Z

Link: CVE-2024-7062

Vulnrichment

Updated: 2024-08-01T21:52:30.436Z

NVD

Status : Modified

Published: 2024-07-26T12:15:03.873

Modified: 2024-11-21T09:50:49.053

Link: CVE-2024-7062

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7062", "assignerOrgId": "41c37e40-543d-43a2-b660-2fee83ea851a", "state": "PUBLISHED", "assignerShortName": "Pentraze", "dateReserved": "2024-07-23T22:18:58.485Z", "datePublished": "2024-07-26T11:26:31.720Z", "dateUpdated": "2024-08-01T21:52:30.436Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["info.filesmanager.Files.PrivilegedIOHelperV2"], "platforms": ["MacOS"], "product": "Nimble Commander", "programFiles": ["Source/RoutedIO/source/PrivilegedIOHelper.cpp"], "repo": "https://github.com/mikekazakov/nimble-commander", "vendor": "Nimble Commander", "versions": [{"lessThanOrEqual": "v1.6.0, Build 4087", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Carlos Garrido of Pentraze Cybersecurity"}], "datePublic": "2024-07-24T11:15:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Nimble Commander suffers from a privilege escalation vulnerability due to the server (info.filesmanager.Files.PrivilegedIOHelperV2) performing improper/insufficient validation of a client\u2019s authorization before executing an operation. Consequently, it is possible to execute system-level commands as the root user, such as changing permissions and ownership, obtaining a handle (file descriptor) of an arbitrary file, and terminating processes, among other operations.<br><br>"}], "value": "Nimble Commander suffers from a privilege escalation vulnerability due to the server (info.filesmanager.Files.PrivilegedIOHelperV2) performing improper/insufficient validation of a client\u2019s authorization before executing an operation. Consequently, it is possible to execute system-level commands as the root user, such as changing permissions and ownership, obtaining a handle (file descriptor) of an arbitrary file, and terminating processes, among other operations."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "41c37e40-543d-43a2-b660-2fee83ea851a", "shortName": "Pentraze", "dateUpdated": "2024-07-26T11:26:31.720Z"}, "references": [{"url": "https://pentraze.com/vulnerability-reports/CVE-2024-7062/"}], "source": {"discovery": "UNKNOWN"}, "title": "Local Privilege Escalation in Nimble Commander <= v1.6.0, Build 4087", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "michaelkazakov", "product": "nimble_commander", "cpes": ["cpe:2.3:a:michaelkazakov:nimble_commander:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.6.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-31T13:36:36.537617Z", "id": "CVE-2024-7062", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T13:40:37.931Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:52:30.436Z"}, "title": "CVE Program Container", "references": [{"url": "https://pentraze.com/vulnerability-reports/CVE-2024-7062/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://pentraze.com/vulnerability-reports/CVE-2024-7062/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:52:30.436Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7062", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-31T13:36:36.537617Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:michaelkazakov:nimble_commander:*:*:*:*:*:*:*:*"], "vendor": "michaelkazakov", "product": "nimble_commander", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "1.6.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T13:40:29.469Z"}}], "cna": {"title": "Local Privilege Escalation in Nimble Commander <= v1.6.0, Build 4087", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Carlos Garrido of Pentraze Cybersecurity"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/mikekazakov/nimble-commander", "vendor": "Nimble Commander", "modules": ["info.filesmanager.Files.PrivilegedIOHelperV2"], "product": "Nimble Commander", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "v1.6.0, Build 4087"}], "platforms": ["MacOS"], "programFiles": ["Source/RoutedIO/source/PrivilegedIOHelper.cpp"], "defaultStatus": "unaffected"}], "datePublic": "2024-07-24T11:15:00.000Z", "references": [{"url": "https://pentraze.com/vulnerability-reports/CVE-2024-7062/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Nimble Commander suffers from a privilege escalation vulnerability due to the server (info.filesmanager.Files.PrivilegedIOHelperV2) performing improper/insufficient validation of a client\u2019s authorization before executing an operation. Consequently, it is possible to execute system-level commands as the root user, such as changing permissions and ownership, obtaining a handle (file descriptor) of an arbitrary file, and terminating processes, among other operations.", "supportingMedia": [{"type": "text/html", "value": "Nimble Commander suffers from a privilege escalation vulnerability due to the server (info.filesmanager.Files.PrivilegedIOHelperV2) performing improper/insufficient validation of a client\u2019s authorization before executing an operation. Consequently, it is possible to execute system-level commands as the root user, such as changing permissions and ownership, obtaining a handle (file descriptor) of an arbitrary file, and terminating processes, among other operations.<br><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "41c37e40-543d-43a2-b660-2fee83ea851a", "shortName": "Pentraze", "dateUpdated": "2024-07-26T11:26:31.720Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7062", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:52:30.436Z", "dateReserved": "2024-07-23T22:18:58.485Z", "assignerOrgId": "41c37e40-543d-43a2-b660-2fee83ea851a", "datePublished": "2024-07-26T11:26:31.720Z", "assignerShortName": "Pentraze"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mikekazakov:nimble_commander:*:*:*:*:*:*:*:*", "matchCriteriaId": "E587CCE8-DA5B-43A5-B821-DE7F046421AB", "versionEndExcluding": "1.6.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Nimble Commander suffers from a privilege escalation vulnerability due to the server (info.filesmanager.Files.PrivilegedIOHelperV2) performing improper/insufficient validation of a client\u2019s authorization before executing an operation. Consequently, it is possible to execute system-level commands as the root user, such as changing permissions and ownership, obtaining a handle (file descriptor) of an arbitrary file, and terminating processes, among other operations."}, {"lang": "es", "value": "Nimble Commander sufre una vulnerabilidad de escalada de privilegios debido a que el servidor (info.filesmanager.Files.PrivilegedIOHelperV2) realiza una validaci\u00f3n incorrecta o insuficiente de la autorizaci\u00f3n de un cliente antes de ejecutar una operaci\u00f3n. En consecuencia, es posible ejecutar comandos a nivel de sistema como usuario root, como cambiar permisos y propiedad, obtener un identificador (descriptor de archivo) de un archivo arbitrario y finalizar procesos, entre otras operaciones."}], "id": "CVE-2024-7062", "lastModified": "2024-11-21T09:50:49.053", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "41c37e40-543d-43a2-b660-2fee83ea851a", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-26T12:15:03.873", "references": [{"source": "41c37e40-543d-43a2-b660-2fee83ea851a", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://pentraze.com/vulnerability-reports/CVE-2024-7062/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://pentraze.com/vulnerability-reports/CVE-2024-7062/"}], "sourceIdentifier": "41c37e40-543d-43a2-b660-2fee83ea851a", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "41c37e40-543d-43a2-b660-2fee83ea851a", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}