Skip to main content

Remote code execution vulnerability present in Samba versions prior to 4.13.17

A vulnerability (CVE-2021-44142) has been identified in Samba versions prior to 4.13.17. Exploitation of this vulnerability could allow a malicious cyber actor to perform privileged remote code execution. Affected Australian organisations should apply the available patch, including affected software vendors.

Alert status
HIGH

 Background /What has happened?

A remote code execution (RCE) vulnerability (CVE-2021-44142) has been identified in Samba versions  prior to 4.13.17. Samba is a popular open source implementation of the Server Message Block (SMB) protocol, which allows users of Linux, Windows and MacOS operating systems to share and print files across a network.

Exploitation of this vulnerability could allow a malicious actor to remotely install malware or otherwise control the affected device.

Samba’s vendor list shows the potential devices and software that may be affected by this vulnerability.

Further information on this vulnerability is available in the Samba security advisory.

Mitigation / How do I stay secure?

Australian organisations who use Samba versions prior to 4.13.17 should review their patch status and update to the latest version. Samba have released a security advisory listing vulnerable versions.

A patch has been released for affected versions of Samba, which mitigates several vulnerabilities including CVE-2021-44142.

Assistance / Where can I go for help?

The ACSC is monitoring the situation and can provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1 (1300 292 371).

 

Was this information helpful?
Was this information helpful?

Thanks for your feedback!

 
Optional

Tell us why this information was helpful and we’ll work on making more pages like it