AVEVA System Platform versions 2017 through 2020 R2 P01 are affected by a path traversal vulnerability that allows attackers to access files outside of restricted directories. The vulnerability was reported to AVEVA by Sharon Brizinov of Claroty.
Understanding CVE-2021-32981
This CVE affects AVEVA System Platform versions 2017 through 2020 R2 P01 and stems from improper handling of external input when constructing file paths.
What is CVE-2021-32981?
The vulnerability in AVEVA System Platform versions 2017 through 2020 R2 P01 allows the construction of file paths that can lead to accessing files or directories located outside the intended restricted parent directory. Attackers can exploit this to gain unauthorized access to sensitive information.
The Impact of CVE-2021-32981
With a CVSS base score of 7.2, this high-severity vulnerability can result in unauthorized access to confidential data, compromise of integrity, and a high impact on availability. The attack complexity is low, but exploitation requires high privileges.
Technical Details of CVE-2021-32981
The vulnerability in AVEVA System Platform versions 2017 through 2020 R2 P01 arises from improper neutralization of special elements within user-supplied input, leading to path traversal.
Vulnerability Description
External input is used to construct a pathname, allowing files to be accessed outside of restricted directories, posing a risk of unauthorized data exposure.
Affected Systems and Versions
AVEVA System Platform versions 2017 through 2020 R2 P01 are impacted by this vulnerability, particularly affecting the AutoBuild functionality.
Exploitation Mechanism
Attackers can manipulate input to construct malicious pathnames that lead to accessing critical files or directories outside the designated parent directory.
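The flaw class described under Vulnerability Description and Exploitation Mechanism, shown as an added example (not AVEVA code): an unchecked join next to a containment check that a defender can apply wherever external input becomes a Windows path. The base directory, function names and sample inputs are constructed for illustration.

```python
import ntpath  # Windows path rules on any OS; the affected product runs on Windows

# Hypothetical restricted parent directory (constructed, not a real AVEVA path).
BASE_DIR = r"C:\ExampleApp\Packages"

def naive_join(name: str) -> str:
    """Weak pattern: external input is joined to the base with no validation."""
    return ntpath.normpath(ntpath.join(BASE_DIR, name))

def safe_join(name: str) -> str:
    """Normalise the candidate path and refuse it unless it stays under BASE_DIR."""
    if "\x00" in name:
        raise ValueError("NUL byte in path")
    base = ntpath.normcase(ntpath.normpath(BASE_DIR))
    # ntpath.join discards the base when name is absolute or carries a drive or
    # UNC prefix, so the containment test runs on the joined, normalised result.
    candidate = ntpath.normcase(ntpath.normpath(ntpath.join(base, name)))
    try:
        # Component-wise comparison: a plain startswith() would wrongly accept
        # the sibling directory C:\ExampleApp\Packages2.
        inside = ntpath.commonpath([base, candidate]) == base
    except ValueError:  # different drives, or absolute mixed with relative
        inside = False
    if not inside or candidate == base:  # the base itself is not a file
        raise ValueError(f"path escapes restricted directory: {name!r}")
    return candidate

def is_allowed(name: str) -> bool:
    try:
        safe_join(name)
        return True
    except ValueError:
        return False

# Constructed sample inputs covering relative, absolute, UNC and drive-relative forms.
SAMPLES = [r"site1\build.xml", r"site1\..\site2\build.xml", r"..\..\Windows\win.ini",
           r"C:\Windows\win.ini", r"\\host\share\file", r"..\Packages2\file", "D:file"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:32} naive={naive_join(s)!r:40} allowed={is_allowed(s)}")
```

The check is purely lexical; on a real filesystem, resolve symlinks and junctions (for example with os.path.realpath) before the containment test.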
Mitigation and Prevention
Organizations are advised to take immediate steps to secure their systems and prevent exploitation of this vulnerability.
Immediate Steps to Take
Disable the AutoBuild service on Runtime nodes if it is not needed, and apply patches if available.
Long-Term Security Practices
Evaluate system architecture and product implementation to ensure robust security measures are in place.
Patching and Updates
AVEVA recommends upgrading affected System Platform versions and applying the corresponding security updates as outlined in security bulletin AVEVA-2021-002.