CVE-2017-18837
Description
Certain NETGEAR devices are affected by vertical privilege escalation. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A vertical privilege escalation vulnerability in NETGEAR M4300 and M4200 switches allows a local attacker to gain elevated privileges.
Vulnerability
A vertical privilege escalation vulnerability exists in the firmware of multiple NETGEAR fully managed switch models, including M4300-28G, M4300-52G, M4300-28G-POE+, M4300-52G-POE+, M4300-8X8F, M4300-12X12F, M4300-24X24F, M4300-24X, M4300-48X, and M4200. All devices running firmware versions prior to 12.0.2.15 are affected [1]. The exact code path and conditions required for exploitation are not publicly detailed, but the vulnerability is present in the switch's management interface or underlying system.
Exploitation
An attacker must have local access to the affected switch and possess low-privileged credentials (e.g., a standard user account). No user interaction is required. The attacker can then exploit the vulnerability to escalate their privileges to a higher level, such as administrator or root [1]. The CVSS vector indicates low attack complexity, suggesting the exploitation steps are straightforward once local access is achieved.
Impact
Successful exploitation grants the attacker elevated privileges, leading to full compromise of confidentiality, integrity, and availability of the switch. The attacker can read sensitive configuration data, modify settings, install malicious firmware, or disrupt network operations. The CVSS v3 base score is 7.8 (High), reflecting the severe impact on all three security objectives [1].
Mitigation
NETGEAR has released firmware version 12.0.2.15 to fix this vulnerability. Users should update their switches to this version or later as soon as possible. No workarounds are provided, and the vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- NETGEAR/M4300-28G
- Range: <=12.0.2.15
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.