WAPT: Discovery of a security vulnerability

Aug 17, 2021 | WAPT

Recently, we were contacted by an organization wishing to inform us of the discovery of a significant security vulnerability in WAPT. This article gathers all the important information, including the patch for the vulnerability.

The security vulnerability in WAPT

The ITT&AC (Independent Technical & Automation Center) team of BNPParibas discovered the vulnerability during a Red Team mission. This vulnerability, identified by “Anass Annour from the Risk ORM/ITT&AC team of BNPParibas”, was previously unknown (Zero Day).

This vulnerability allows users to elevate their privileges via the WAPT agent. For obvious security reasons, we can’t tell you more about the nature of this vulnerability and how it works.

However, we would like to point out that this vulnerability is important and should be fixed as soon as possible. For more details, refer to the CVSS score of this vulnerability.

CVSS score of the WAPT security vulnerability

In the cybersecurity sector, the CVSS score is used to evaluate the severity of a vulnerability in a standardized way, based on objective and measurable criteria. The acronym CVSS stands for Common Vulnerability Scoring System. This evaluation is based on three metrics:

  1. The base metric
  2. The temporal metric
  3. The environmental metric

What is a red team?

A Red Team is a team whose objective is to test the security of your systems by trying to break into them. Its members simulate malicious attacks aimed at penetrating the systems they have to study. These actions are carried out in a benevolent and preventive way, and aim at identifying vulnerabilities so that they can be corrected as soon as possible. Red Teams are often contrasted with Blue Teams or even Purple Teams, which have a different objective and function.

Quickly fix the security vulnerability

We are already able to provide a patch that removes this security vulnerability. We can therefore communicate about it, in compliance with the “responsible disclosure” process.

Applying the fix is simple: you just have to update WAPT. Two versions are available to simplify this work:

  • Choose WAPT 2.0.0.9450: Hash 7bc6920c
  • Choose WAPT 1.8.2.7373: Hash e96e569c

As the vulnerability concerns an elevation of privilege, you can use the “TIS-AUDIT-LOCAL-ADMINS” package (available for free on the WAPT Store) to make sure that everything is in order on your computers. In addition, these links will be useful if you want to learn more about this security vulnerability:
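The two remediation steps above (update the agent, then audit local administrators) can be combined into one triage pass over a fleet inventory, shown here as an added example that is not WAPT's own code or the audit package. The inventory rows, host names, older build numbers and the admin baseline are constructed, and treating any build below the fixed build of its branch as unpatched is an assumption.

```python
# Added example: triage hosts after the WAPT privilege-escalation fix.
# Fixed builds per branch, taken from the advisory text.
FIXED_BUILDS = {(2, 0): (2, 0, 0, 9450), (1, 8): (1, 8, 2, 7373)}

# Constructed baseline: accounts expected in the local Administrators group.
EXPECTED_ADMINS = {"administrator", "corp\\domain admins"}

# Constructed sample inventory: (host, agent version, local admin members).
INVENTORY = [
    ("pc-001", "2.0.0.9450", ["Administrator", "CORP\\Domain Admins"]),
    ("pc-002", "2.0.0.9424", ["Administrator", "CORP\\Domain Admins", "CORP\\jdoe"]),
    ("pc-003", "1.8.2.7373", ["Administrator", "CORP\\Domain Admins", "helpdesk-tmp"]),
    ("pc-004", "1.8.2.7334", ["Administrator", "CORP\\Domain Admins"]),
    ("pc-005", "1.7.4", ["Administrator"]),
]

def agent_status(version_text):
    """Return 'patched', 'update', or 'review' for an agent version string."""
    try:
        parts = [int(p) for p in version_text.strip().split(".")]
    except ValueError:
        return "review"  # unparseable version: check the host by hand
    version = tuple(parts + [0] * (4 - len(parts)))  # pad '1.7.4' to 4 fields
    fixed = FIXED_BUILDS.get(version[:2])
    if fixed is None:
        return "review"  # the advisory lists no fixed build for this branch
    return "patched" if version >= fixed else "update"

def unexpected_admins(members):
    """Local Administrators members that are not in the expected baseline."""
    return sorted(m for m in members if m.lower() not in EXPECTED_ADMINS)

def triage(inventory):
    """List (host, agent status, unexpected admins) for hosts needing action."""
    findings = []
    for host, version, admins in inventory:
        status = agent_status(version)
        extra = unexpected_admins(admins)
        # Updating does not undo a past escalation, so a patched host with
        # an unexpected administrator is still reported.
        if status != "patched" or extra:
            findings.append((host, status, extra))
    return findings

if __name__ == "__main__":
    for host, status, extra in triage(INVENTORY):
        print(f"{host}: agent={status} unexpected_admins={extra}")
```

A host such as the constructed pc-003 is already on a fixed build but still carries an unexpected administrator, which is why the audit step matters even after updating.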

What is a responsible disclosure process?

Responsible disclosure is a model for disclosing computer vulnerabilities. Based on the full disclosure model, it aims to publish vulnerabilities as soon as possible, while still allowing sufficient time for the affected organization to provide a fix before the vulnerability is disclosed.

What is a CVE?

CVE, or Common Vulnerabilities and Exposures, refers to an international list of computer security vulnerabilities. This initiative is organized by MITRE and supported by the United States Department of Homeland Security.

One of the goals and benefits of WAPT has always been to promote the importance of updating your software, in order to protect yourself from the risks posed by security vulnerabilities. This time, unfortunately, this awareness work goes further, as WAPT itself serves as an example. It is proof that you can never be too careful and that cybersecurity is a long-term job.