CVE-2024-42655
BaseFortify
Publication date: 2025-07-29
Last updated on: 2025-08-06
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| emqx | nanomq | 0.21.8 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an access control issue in NanoMQ version 0.21.10 that allows attackers to bypass security restrictions and access sensitive system topic messages by exploiting MQTT wildcard characters. Essentially, attackers can use these wildcard characters to circumvent normal access controls and read messages they should not have permission to see.
How can this vulnerability impact me?
The vulnerability can have a severe impact by allowing unauthorized attackers to access sensitive system topic messages. This can lead to exposure of confidential information, disruption of message integrity, and potential denial of service. Given the high CVSS score (8.8) indicating high confidentiality, integrity, and availability impacts, exploitation could compromise system security and reliability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring MQTT traffic for unauthorized access to sensitive system topic messages using wildcard characters. Testing can be done by attempting to subscribe to system topics with MQTT wildcard characters to see if access control is bypassed. Using MQTT client SDKs or command-line tools like mosquitto_sub to subscribe to system topics with wildcards can help identify the issue. For example, a command like `mosquitto_sub -t '$SYS/#' -h <nanomq_server>` can be used to test if unauthorized subscription is possible. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading NanoMQ to a version where this access control issue is fixed, as the vulnerability affects version 0.21.10 and earlier. If an upgrade is not immediately possible, restrict network access to the MQTT broker to trusted clients only, and monitor MQTT subscriptions for suspicious wildcard usage. Applying strict access control policies and disabling or limiting wildcard subscriptions to sensitive system topics can reduce risk until a patch is applied. [1]
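The subscription monitoring suggested above, as an added example (not NanoMQ or BaseFortify code): a Python check that flags subscription filters whose wildcards can reach the `$SYS` tree. The function names and the `(client_id, filter)` records are constructed for illustration and are not a NanoMQ log format.

```python
PROTECTED_PREFIX = "$SYS"  # assumption: the system-topic tree to protect


def is_valid_filter(topic_filter):
    """A wildcard must fill a whole level; '#' is legal only as the last one."""
    levels = topic_filter.split("/")
    if not topic_filter or "#" in levels[:-1]:
        return False
    return all(lv in ("+", "#") or not set(lv) & {"+", "#"} for lv in levels)


def overlaps_protected(topic_filter, prefix=PROTECTED_PREFIX):
    """True if the filter can match the prefix topic or anything beneath it."""
    # Leading wildcards are treated as able to reach '$' topics. A conformant
    # broker would not match them, but this monitor assumes the broker's own
    # restriction may be bypassed, so it flags them anyway.
    want = prefix.split("/")
    levels = topic_filter.split("/")
    for i, level in enumerate(levels):
        if level == "#":
            return True  # multi-level wildcard covers everything from here on
        if i < len(want) and level not in ("+", want[i]):
            return False  # a literal level that diverges from the prefix
    return len(levels) >= len(want)


def flag_subscriptions(records):
    """Return the (client, filter) pairs whose wildcards reach the tree."""
    return [
        (client, f) for client, f in records
        if is_valid_filter(f) and ("+" in f or "#" in f) and overlaps_protected(f)
    ]


SAMPLE = [  # constructed (client_id, subscription filter) records
    ("sensor-01", "plant/+/temperature"),
    ("dash-02", "$SYS/#"),
    ("dev-17", "#"),
    ("dev-18", "+/brokers/#"),
    ("ops-03", "$SYS/brokers"),  # literal, no wildcard: not flagged here
    ("dev-19", "$SYSTEM/#"),     # different tree
]

if __name__ == "__main__":
    for client, f in flag_subscriptions(SAMPLE):
        print(f"review: {client} subscribed to {f!r}")
```

The same overlap test can back a deny rule: rejecting any filter for which `overlaps_protected` is true, for clients that have no need for system topics, implements the "limit wildcard subscriptions to sensitive system topics" step.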