PT-2024-01: OS Command Injection in PT Network Attack Discovery (PT NAD)

Vendor: Positive Technologies

Product: PT Network Attack Discovery (PT NAD)

Vulnerable version: 12.0.0 - 12.0.577

Vulnerability type:

- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Identifier (ID): BDU:2024-04638

Vulnerability vector:

- Base vector (CVSSv3.1): CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

- Severity (CVSSv3.1): 9.6 (critical)

- Base vector (CVSSv4.0): CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

- Severity (CVSSv4.0): 9.4 (critical)


The vulnerability was identified in PT NAD and affects versions 12.0.x up to 12.0.577.
An attacker with network access to PT NAD can exploit it to remotely execute OS commands as a superuser. Whether the vulnerability is exploitable depends on the configuration. No authorization is required to exploit it.

Vulnerability status: Confirmed by vendor

Date of vulnerability detection: 17.06.2024

Recommendations: Update to version 12.0.578 or higher

Additional information: Security Bulletin

Researcher: Vsevolod Dergunov (Positive Technologies)