Samba has released software updates to remediate multiple vulnerabilities that, if successfully exploited, could allow an attacker to take control of affected systems.
The high-severity flaws, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, have been patched in versions 4.17.4, 4.16.8 and 4.15.13 released on December 15, 2022.
Samba is an open source Windows interoperability suite for Linux, Unix, and macOS operating systems that offers file server, printing, and Active Directory services.
A brief description of each of the weaknesses is below –
- CVE-2022-38023 (CVSS score: 8.1) – Use of weak RC4-HMAC Kerberos encryption type in the NetLogon Secure Channel
- CVE-2022-37966 (CVSS score: 8.1) – An elevation of privilege vulnerability in Windows Kerberos RC4-HMAC
- CVE-2022-37967 (CVSS score: 7.2) – An elevation of privilege vulnerability in Windows Kerberos
- CVE-2022-45141 (CVSS score: 8.1) – Use of RC4-HMAC encryption when issuing Kerberos tickets in Samba Active Directory domain controller (AD DC) using Heimdal
It’s worth noting that both CVE-2022-37966 and CVE-2022-37967, which enable an adversary to gain administrator privileges, were first disclosed by Microsoft as part of its November 2022 Patch Tuesday updates.
“An unauthenticated attacker could conduct an attack that could leverage cryptographic protocol vulnerabilities in RFC 4757 (Kerberos encryption type RC4-HMAC-MD5) and MS-PAC (Privilege Attribute Certificate Data Structure specification) to bypass security features in a Windows AD environment,” the company said of CVE-2022-37966.
The patches also come as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week published 41 Industrial Control Systems (ICS) advisories pertaining to various flaws impacting Siemens and Prosys OPC products.