A critical security vulnerability has been discovered in IBM Engineering Systems Design Rhapsody – Model Manager (RMM), potentially allowing remote attackers to bypass security restrictions and execute code.
The flaw, identified as CVE-2024-41779, affects versions 7.0.2 and 7.0.3 of the software and has been assigned a CVSS base score of 9.8, indicating its severe nature.
The vulnerability stems from a race condition in the software’s request handling mechanism.
IBM researchers observed that by exploiting this flaw, an attacker could potentially send a specially crafted request to remotely execute code on the affected system, compromising its confidentiality, integrity, and availability.
Analyze cyber threats with ANYRUN's powerful sandbox. Black Friday Deals : Get up to 3 Free Licenses.
Technical Analysis
For RMM version 7.0.2, users are advised to download and install iFix031 or later, while those using version 7.0.3 should apply iFix008 or later.
It’s important to note that the vulnerability is only exposed when DEBUG logging is enabled for ‘IDMappingsService.verbose.’
Under normal operating conditions, this debug-level logging is not enabled by default, which significantly reduces the risk of exploitation in typical deployments.
Security experts emphasize the importance of prompt patching, given the critical nature of the vulnerability.
The ease of exploitation, coupled with the potential for remote code execution, makes this flaw particularly concerning for organizations using the affected IBM software.
While IBM has provided fixes, they have also suggested a workaround for those unable to immediately apply the patches. Users are advised not to enable DEBUG logging for ‘IDMappingsService.verbose.’
However, it’s worth noting that enabling DEBUG logging for IDMappingsService itself is not impacted by this vulnerability.
The discovery of this flaw underscores the ongoing challenges in software security, particularly in complex engineering systems.
As a result of this event, researchers urged for timely patching and sticking to best security practices remain crucial in mitigating risks associated with such vulnerabilities.
Organizations using IBM Engineering Systems Design Rhapsody – Model Manager are strongly encouraged to review their systems and apply the necessary updates to ensure their environments remain secure.
Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar