Sliver Vulnerable to RCE, Could Pwn Server
CVE-2024-41111

7.2HIGH

Key Information:

Vendor: Bishopfox
Status: Sliver
Vendor: CVE Published:; 18 July 2024

What is CVE-2024-41111?

The vulnerability in Sliver, an open-source cross-platform adversary emulation framework from BishopFox, allows a low-privileged 'operator' user to execute commands on the teamserver as the system root user, leading to unauthorized actions. This flaw enables operators to access console logs, terminate other operator sessions, and manipulate or delete files on the server. Although this issue has been recognized and flagged in previous discussions, it remains unaddressed in the current prerelease version 1.6.0. Organizations using this version are strongly advised against deploying it in production environments until a fix is implemented.

Affected Version(s)

sliver = 1.6.0-dev

References

https://github.com/BishopFox/sliver/security/advisories/G...

x_refsource_CONFIRM

https://github.com/BishopFox/sliver/issues/65

x_refsource_MISC

https://github.com/BishopFox/sliver/pull/1281

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2024

Bishopfox

What is CVE-2024-41111?

Affected Version(s)

References

CVSS V3.1

Timeline