Vulnerability in Saint Security Suite - Ethical Hacker Testimonial
We’ve recently been commissioned by one of our customers to assess some well-known vulnerability scanners. Although the assessment was supposed to focus on functional aspects, the pentester part of me couldn’t help taking a look at the technical resilience of the different applications. So, after some hours, I began running some basic injection tests.
To my great surprise, it took only a few minutes to discover a cross-site scripting (XSS) vulnerability in Saint Security Suite, one of the most reputable scanners. Using the XSS, an attacker can induce a user to unwittingly perform actions within the application, so I created a simple proof of concept to demonstrate how it could be used to silently create an Administrator and take over the entire application. Watch the video below.
Affected versions: SAINT 9.2 through 9.5.14
SAINT official advisory
Security scanners are developed like any other software, so they could turn out to be vulnerable. Besides, they also contain crucial information, like network device credentials, assets, and security maps of the network. That’s why these applications should be isolated as much as possible from non-operational networks and protected by a Web Application Firewall.
The vulnerability was disclosed to Carson & SAINT on April 9 and the proof of concept was provided. The Saint development team reacted very quickly and released the fix on April 19. We recommend that you update your installation.
This article was written by David Bloom, Cyber Security Senior Consultant.