Critical Ant Media Server Flaw Allows Root Access: CVE-2024-32656 Uncovered
April 27, 2024
A local privilege escalation vulnerability, CVE-2024-32656, was found in Ant Media Server by research firm Praetorian.
The flaw originated from an unauthenticated Java Management Extensions (JMX) interface, which permitted unprivileged users to execute code as the 'antmedia' service account.
The vulnerability could be exploited to gain root access to the system and was present in Ant Media Server version 2.8.2.
The exploitation process involved using the JMX service to load a malicious MBean, facilitating arbitrary code execution.
The case underscores the security risks associated with unauthenticated JMX and RMI services in software applications.
Praetorian responsibly disclosed the vulnerability, emphasizing the importance of addressing such security issues in JMX services.
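A configuration check for the unauthenticated-JMX condition described above, as an added example that is not from the source article or from Ant Media Server. It assumes the JMX agent is configured through the standard `com.sun.management.jmxremote.*` JVM flags on the command line. The sample command lines, port, paths and jar name are constructed.

```python
import shlex

# Standard HotSpot system-property prefix for the built-in JMX agent.
PREFIX = "-Dcom.sun.management.jmxremote"

def jmx_props(cmdline):
    """Return the jmxremote.* properties set on a JVM command line."""
    props = {}
    for tok in shlex.split(cmdline):
        if tok == PREFIX or tok.startswith((PREFIX + ".", PREFIX + "=")):
            key, _, val = tok[len(PREFIX):].partition("=")
            props[key.lstrip(".")] = val
    return props

def audit(cmdline):
    """Return (code, detail) findings for one JVM command line."""
    p = jmx_props(cmdline)
    if "port" not in p:
        return []  # no TCP JMX connector requested on the command line
    findings = []
    # authenticate and ssl both default to true once a port is set,
    # so only an explicit "false" is a finding.
    if p.get("authenticate", "true").lower() == "false":
        findings.append(("NO_AUTH",
                         "port %s accepts JMX clients without credentials" % p["port"]))
        if p.get("host") in ("127.0.0.1", "localhost", "::1"):
            findings.append(("LOOPBACK_ONLY",
                             "loopback bind still exposes the port to every local account"))
    if p.get("ssl", "true").lower() == "false":
        findings.append(("NO_TLS", "JMX traffic travels in cleartext"))
    return findings

# Constructed sample command lines (not taken from any real deployment).
WEAK = ("java -Dcom.sun.management.jmxremote.port=9010 "
        "-Dcom.sun.management.jmxremote.host=127.0.0.1 "
        "-Dcom.sun.management.jmxremote.authenticate=false "
        "-Dcom.sun.management.jmxremote.ssl=false -jar server.jar")
HARDENED = ("java -Dcom.sun.management.jmxremote.port=9010 "
            "-Dcom.sun.management.jmxremote.authenticate=true "
            "-Dcom.sun.management.jmxremote.password.file=/etc/app/jmxremote.password "
            "-Dcom.sun.management.jmxremote.ssl=true -jar server.jar")
NO_JMX = "java -Xmx2g -jar server.jar"

if __name__ == "__main__":
    for name, cmd in (("weak", WEAK), ("hardened", HARDENED), ("no_jmx", NO_JMX)):
        print(name, audit(cmd) or "ok")
```

The `LOOPBACK_ONLY` finding matters for a local privilege escalation like this one: binding the port to localhost keeps remote hosts out but does nothing to stop an unprivileged local user from connecting.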
Summary based on 1 source
Source

Security Boulevard • Apr 26, 2024
Local Privilege Escalation Vulnerability in Ant Media Server (CVE-2024-32656)