Companies that provide network-attached storage (NAS) appliances, routers and other types of networking devices have started investigating the impact of a recently disclosed Samba vulnerability on their products.
Updates released last week for Samba, the software suite that provides file and print sharing capabilities between Windows and Unix computers, address a remote code execution flaw (CVE-2017-7494) that affects all versions of the product since 3.5.0, released in March 2010. The fix is included in Samba versions 4.6.4, 4.5.10 and 4.4.14, and a workaround has been made available for unsupported versions.
The security hole can be exploited by a malicious client to upload a shared library to a writable share, and then cause the server to load and execute that library.
While some have compared the vulnerability to the SMB weakness exploited in the recent WannaCry ransomware attacks – due to the fact that one of the protocols implemented by Samba is SMB – others believe CVE-2017-7494 is not as dangerous and there have been no reports of attacks in the wild.
On the other hand, proof-of-concept (PoC) exploits have been released and Rapid7 has identified roughly 110,000 Internet-connected devices running vulnerable versions of Samba.
Samba is used in many products, including routers, NAS systems, servers and IoT devices, and several vendors have already started releasing patches and workarounds.
Cisco has so far only identified two vulnerable products: the Cisco Network Analysis Module and the Cisco Video Surveillance Media Server. The list of products still under investigation includes routers, network and content security, unified computing, communications, and video and telepresence solutions.
NETGEAR informed customers that CVE-2017-7494 affects all its ReadyNAS, all ReadyDATA, and several C, R and N series routers. The company has already released firmware fixes for ReadyNAS 6.x. Until patches become available for other devices, users have been advised to disable write access to shared drives, and remove any USB storage devices connected to their routers or gateways.
QNAP and Synology have also started releasing patches for their affected products, but WD does not appear to have published any security advisories, despite several forum posts on this topic.
Veritas has informed customers that it’s working on patches for its NetBackup Appliances. NetApp has determined that the Samba vulnerability only affects its StorageGRID products, for which the company has released workarounds.
Sophos and F5 Networks told users that their products are not vulnerable to attacks exploiting this flaw.
