Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities


Dec 17, 2022Ravie LakshmananServer Security / Network Security

Samba has released software updates to remediate multiple vulnerabilities that, if successfully exploited, could allow an attacker to take control of affected systems.

The high-severity flaws, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, have been patched in versions 4.17.4, 4.16.8 and 4.15.13 released on December 15, 2022.

Samba is an open source Windows interoperability suite for Linux, Unix, and macOS operating systems that offers file server, printing, and Active Directory services.


A brief description of each of the weaknesses is below –

  • CVE-2022-38023 (CVSS score: 8.1) – Use of weak RC4-HMAC Kerberos encryption type in the NetLogon Secure Channel
  • CVE-2022-37966 (CVSS score: 8.1) – An elevation of privilege vulnerability in Windows Kerberos RC4-HMAC
  • CVE-2022-37967 (CVSS score: 7.2) – An elevation of privilege vulnerability in Windows Kerberos
  • CVE-2022-45141 (CVSS score: 8.1) – Use of RC4-HMAC encryption when issuing Kerberos tickets in Samba Active Directory domain controller (AD DC) using Heimdal

It’s worth noting that both CVE-2022-37966 and CVE-2022-37967, which enable an adversary to gain administrator privileges, were first disclosed by Microsoft as part of its November 2022 Patch Tuesday updates.

“An unauthenticated attacker could conduct an attack that could leverage cryptographic protocol vulnerabilities in RFC 4757 (Kerberos encryption type RC4-HMAC-MD5) and MS-PAC (Privilege Attribute Certificate Data Structure specification) to bypass security features in a Windows AD environment,” the company said of CVE-2022-37966.

The patches also come as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week published 41 Industrial Control Systems (ICS) advisories pertaining to various flaws impacting Siemens and Prosys OPC products.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

White House Urges Tech Industry to Eliminate Memory Safety Vulnerabilities
SMBs at Risk From SendGrid-Focused Phishing Tactics
Watching out for the fakes: How to spot online disinformation
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war

Leave a Reply

Your email address will not be published. Required fields are marked *