WatchGuard SSO Agent Telnet Authentication Bypass
An incorrect authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands.
An attacker that has already gained network access could exploit this vulnerability to retrieve authenticated usernames and group memberships from the Single Sign-On Agent or tamper with the agent configuration. This vulnerability cannot be used by an attacker to gain access to user credentials.
WatchGuard is not aware of any exploitation of this vulnerability in the wild.
Affected versions: WatchGuard Authentication Gateway (Single Sign-On Agent) through 12.10.2.
Exploitation requires that the attacker already has network access to the Windows host running the Authentication Gateway. WatchGuard recommends restricting inbound access to TCP port 4114 on that host with Windows Firewall rules so that only the Firebox can connect to the Authentication Gateway.
Windows administrators can deploy such firewall rules to their endpoints centrally through Group Policy objects (Computer Configuration > Policies > Windows Settings > Security Settings > Windows Defender Firewall with Advanced Security).
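The following PowerShell is an added example of the recommended mitigation, not WatchGuard's own script: run elevated on the SSO Agent host, it sets the default inbound action to Block, disables any existing inbound allow rule for TCP/4114 that is scoped more broadly than the Firebox, adds an allow rule scoped to the Firebox only, and then lists every enabled inbound rule touching the port together with its remote scope so the result can be checked. The Firebox address 10.0.0.1 is an assumption; substitute the address of your own Firebox.

```powershell
# Added example (not WatchGuard's code): restrict TCP/4114 on the SSO Agent host to the Firebox.
# Run from an elevated PowerShell session on the host running the Authentication Gateway.
# ASSUMPTION: the Firebox reaches the agent from 10.0.0.1; replace with your Firebox address.
$FireboxAddress = '10.0.0.1'
$AgentPort      = 4114

# 1. A scoped allow rule only helps if unmatched inbound traffic is blocked by default,
#    so make Block the default inbound action on every profile.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultInboundAction Block

# 2. Disable any existing enabled inbound allow rule for the port whose remote scope is
#    broader than the Firebox (for example an "allow from any" rule added by an installer).
#    Port filters are matched first, then mapped back to their rules.
Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -eq "$AgentPort" } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' -and $_.Enabled -eq 'True' } |
    ForEach-Object {
        $remote = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        if (@($remote) -ne @($FireboxAddress)) {
            Write-Warning "Disabling broad rule '$($_.DisplayName)' (remote scope: $($remote -join ','))"
            Disable-NetFirewallRule -Name $_.Name
        }
    }

# 3. Allow inbound TCP/4114 from the Firebox address only.
New-NetFirewallRule -DisplayName 'WatchGuard SSO Agent - Firebox only' `
    -Description 'Restricts the Authentication Gateway (TCP 4114) to the Firebox' `
    -Direction Inbound -Protocol TCP -LocalPort $AgentPort `
    -RemoteAddress $FireboxAddress -Action Allow -Profile Any -Enabled True | Out-Null

# 4. Verify: every enabled inbound rule that touches the port, with its action and remote scope.
#    After this script the only Allow entry should be the Firebox-scoped rule above.
Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -eq "$AgentPort" } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' } |
    ForEach-Object {
        [pscustomobject]@{
            Rule   = $_.DisplayName
            Action = $_.Action
            Remote = (($_ | Get-NetFirewallAddressFilter).RemoteAddress -join ',')
        }
    } | Format-Table -AutoSize
```

To confirm the rule from the network side, run `Test-NetConnection -ComputerName <agent-host> -Port 4114` from a workstation that is not the Firebox; `TcpTestSucceeded` should be `False`, while the Firebox's SSO status should continue to show the agent as reachable. Windows Firewall gives explicit Block rules precedence over Allow rules, which is why the script relies on the profile's default inbound Block rather than adding a "block 4114 from any" rule that would also cut off the Firebox.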