[Japanese]

JVNDB-2024-003008

Sangoma Technologies CG/MG family driver cg6kwin2k.sys vulnerable to insufficient access control on its IOCTL

Overview

CG/MG family driver cg6kwin2k.sys provided by Sangoma Technologies is vulnerable to insufficient access control on its IOCTL (CWE-782).

Takahiro Haruyama of Broadcom Carbon Black reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 6.1 (Medium) [Other]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: High
  • Availability Impact: None
Affected Products


Sangoma
  • cg6kwin2k.sys versions prior to 2.1.7.0

Impact

By sending a specific IOCTL request, a user without the administrator privilege may perform I/O to arbitrary hardware port or physical address, resulting in erasing or altering of the firmware.
Solution

[Update the Device Driver]
Update the device driver to the latest version according to the information provided by the developer.
The developer addressed the vulnerability in the following version:

* cg6kwin2k.sys 2.1.7.0, included in Sangoma NaturalAccess Development Environment Release 9.0.9 (NA-9.0.9-Server-2019_2022-80.amd64.exe)
Vendor Information

Sangoma
CWE (What is CWE?)

  1. Exposed IOCTL with Insufficient Access Control(CWE-782) [Other]
CVE (What is CVE?)

  1. CVE-2024-29216
References

  1. JVN : JVNVU#90671953
  2. JVN : JVNTA#90371415
Revision History

  • [2024/03/22]
      Web page was published
  • [2024/04/24]
      References : Content was added

Date Public2024/03/21
Date First Published2024/03/22
Date Last Updated2024/04/24