Helmholz: Privilege Escalation in shDialup (Update A)

VDE-2021-057

Last update

14.05.2025 15:00

Published at

28.03.2021 15:03

Vendor(s)

Helmholz GmbH & Co. KG

External ID

VDE-2021-057

CSAF Document

Download

Summary

Multiple Vulnerabilities in a software service of shDIALUP can lead to arbitrary code execution due to improper privilege management.

Update A, 2022-03-28

Updated CVSS score from CVE-2021-33527 from 7.8 to 9.8 due to new information about the vulnerability

Impact

Please consult the CVE entries.

Affected Product(s)

Model no.	Product name	Affected versions
	shDialup	Firmware <=3.9R0.0

Vulnerabilities

Expand / Collapse all

Published

22.09.2025 14:57

Severity

9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness

Improper Input Validation (CWE-20)

Summary

In MB connect line mbDIALUP versions <=3.9R0.0 a remote attacker can send a specifically crafted HTTP request to the service running with NT AUTHORITY\SYSTEM that will not correctly validate the input. This can lead to an arbitrary code execution with the privileges of the service.

References

cve.org | nvd.nist.gov

Published

22.09.2025 14:57

Severity

7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness

Improper Privilege Management (CWE-269)

Summary

In MB connect line mbDIALUP versions <=3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicous OpenVPN configuration resulting in arbitrary code execution with the privileges of the service.

References

cve.org | nvd.nist.gov

Remediation

Update shDialup to 3.9R0.5

Revision History

Version	Date	Summary
1	28.03.2021 15:03	initial revision
2	14.05.2025 15:00	Fix: added distribution

Helmholz: Privilege Escalation in shDialup (Update A)

Summary

Impact

Affected Product(s)

Vulnerabilities

CVE-2021-33527 9.8

CVE-2021-33526 7.8

Remediation

Revision History