CVE-2024-4163

Privilege Escalation on IGX v1.2.12

CVE ID

CVE-2024-4163

Description

There is a vulnerabilitty in the Skylab IGX IIoT Gateway limited shell (IGX) which allowed the attacker to read, write, and modify any file in the operating system by utilizing the limited shell file exec and download functions. By replacing the /etc/passwd file with a new root user entry, the attacker was able to breakout from the limited shell and login to a unrestricted shell with root access. With the root access, the attacker will be able take full control of the IoT Gateway.

Tested Versions

v1.2.12

Details

Skylab IGX IIoT Gateway is a gateway that connect various wireless/wired IoT devices and unifies different protocols to the IoT standard

Timeline

• 2023-12-19 - Vendor Disclosure
• EOL - Vendor Patched
• 2024-04-25 - Public Release

Credit

Discovered by Tan Inn Fung and Mah Chia Hui of Govtech.