CVE-2024-48729: Privilege Escalation Vulnerability in ETSI OSM MANO
ETSI Open Source MANO (OSM) is a management and orchestration (MANO) stack for virtualized network functions (VNFs). A vulnerability has been discovered that could allow an attacker with low privileges to escalate their access within the OSM system.
Vulnerability Details
- CVE ID: CVE-2024-48729
- Description: An issue exists in ETSI Open-Source MANO (OSM) versions 14.x and 15.x, specifically within the `/osm/admin/v1/users` component. This flaw allows a remote attacker to escalate their privileges.
- CVSS Score: 7.1 HIGH
- CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
- CVSS Explanation: This vulnerability has a high severity score. The attack vector is network-based (AV:N), meaning it can be exploited remotely. It has a low attack complexity (AC:L) and requires low privileges (PR:L). User interaction is not required (UI:N). Confidentiality impact is high (C:H), integrity impact is low (I:L), and availability impact is none (A:N). Essentially, a low-privileged user can potentially gain access to sensitive information and modify some data, but cannot disrupt service availability.
- Exploit Requirements: An attacker would need valid low-privileged credentials to exploit this vulnerability.
- Affected Vendor: ETSI
- Affected Product: Open-Source MANO (OSM)
- Affected Versions: 14.x, 15.x
- CWE: CWE-269 - Improper Privilege Management
- CWE Explanation: CWE-269 describes a situation where the software does not properly manage the privileges granted to users. This can lead to unauthorized access to resources or functionality.
Timeline of Events
- 2025-07-25: CVE Published
Exploitability & Real-World Risk
Given the low privileges required, this vulnerability poses a significant risk. If OSM is exposed to the internet, or even an internal network, an attacker gaining initial access can potentially escalate their privileges and gain unauthorized control over the network orchestration platform. This could lead to service disruptions, data breaches, or other malicious activities. OSM is crucial for managing network functions; therefore, compromising it could have wide-reaching implications.
Recommendations
- Apply the latest security patches provided by ETSI for OSM.
- Review user access controls and ensure the principle of least privilege is enforced.
- Monitor OSM deployments for suspicious activity.
- Implement network segmentation to limit the impact of a potential breach.
Technical Insight
The vulnerability likely stems from insufficient authorization checks within the `/osm/admin/v1/users` component. This allows a low-privileged user to perform actions that should only be permitted for administrators, such as modifying user roles or permissions. By manipulating API requests or exploiting flaws in the permission model, an attacker can effectively elevate their privileges.
Credit to Researcher(s)
The vulnerability was discovered by researchers at Osmium Solutions. See their blog post for a full write-up.
References
Tags
CVE-2024-48729, ETSI OSM MANO, Privilege Escalation, Security Vulnerability, Network Orchestration, MANO
Summary: A privilege escalation vulnerability exists in ETSI Open-Source MANO (OSM) versions 14.x and 15.x, allowing an attacker with low privileges to potentially gain elevated access to the system. This could lead to unauthorized control over the network orchestration platform.
CVE ID: CVE-2024-48729
Risk Analysis: Successful exploitation can lead to unauthorized access to sensitive information, modification of network configurations, and potentially, complete control over the OSM system, impacting network functions and services managed by OSM.
Recommendation: Apply the latest security patches provided by ETSI, review user access controls, monitor OSM deployments for suspicious activity, and implement network segmentation.
Timeline
- 2025-07-25: CVE Published