Arbitrary Program Execution Vulnerability in Netdata Agent
CVE-2024-32019
Key Information:
Badges
What is CVE-2024-32019?
Netdata, an open-source observability tool, contains a vulnerability in the ndsudo utility bundled with certain versions of the Netdata Agent. This vulnerability arises from the ndsudo executable being set with the SUID bit, granting attackers the potential to execute arbitrary commands with elevated root permissions. Given that the execution environment for ndsudo is influenced by the PATH variable, an attacker with write access to a modified search path could exploit this flaw, resulting in local privilege escalation. This critical issue affects versions of the Netdata Agent prior to 1.45.3 and 1.45.2-169. Users are strongly encouraged to upgrade to the patched versions to mitigate the risk, as no alternative workarounds are currently available.
Affected Version(s)
netdata >= 1.45.0, < 1.45.3 < 1.45.0, 1.45.3
netdata >= 1.44.0-60, < 1.45.0-169 < 1.44.0-60, 1.45.0-169
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.