CVE-2024-47857
Published: 31 January 2025
Description
SSH Communication Security PrivX versions 18.0 through 36.0 insufficiently validate public key signatures when native SSH connections are made via a proxy port. This allows an existing PrivX "account A" to impersonate another existing PrivX "account B" and gain access to the SSH target hosts to which "account B" has access.
Security Summary
CVE-2024-47857 is an improper input validation vulnerability (CWE-20) in SSH Communication Security PrivX versions 18.0 through 36.0. It arises from insufficient validation of public key signatures during native SSH connections routed through a proxy port. The issue carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with potential for high confidentiality, integrity, and availability impacts.
The holder of an existing PrivX account A can exploit this flaw to impersonate another existing PrivX account B. The attacker thereby gains access to the SSH target hosts authorized for account B, allowing unauthorized remote execution or data exfiltration over the network with low complexity and no special privileges beyond possessing a valid account.
Mitigation guidance and patch details are available in the vendor advisory at https://info.ssh.com/impersonation-vulnerability-privx, along with additional information at https://ssh.com. Security practitioners should review these resources promptly for deployment instructions.
Details
- CWE(s)