CVE-2021-3134

7.8 HIGH

📋 TL;DR

CVE-2021-3134 is a local privilege escalation vulnerability in Mubu 2.2.1 that allows authenticated local users to execute arbitrary commands with elevated privileges. This affects users running vulnerable versions of Mubu software on their systems. Attackers with initial access to a user account can escalate to higher privileges.

💻 Affected Systems

Products:
  • Mubu
Versions: 2.2.1
Operating Systems: Windows, Linux, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires local user access to the system running Mubu 2.2.1. The vulnerability is present in the default installation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker with local access can gain full system control, install persistent malware, steal sensitive data, and pivot to other systems in the network.

🟠 Likely Case

Malicious insiders or attackers who have compromised a user account can escalate privileges to install additional tools, maintain persistence, and access restricted resources.

🟢 If Mitigated

With proper access controls, least privilege principles, and network segmentation, impact is limited to the compromised host with reduced lateral movement potential.

🌐 Internet-Facing: LOW - This is a local privilege escalation requiring initial access to the system, not directly exploitable over the internet.
🏢 Internal Only: HIGH - Once an attacker gains initial access to a vulnerable system, they can easily escalate privileges and compromise the entire host.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access to the system. The vulnerability allows privilege escalation from a standard user to higher privileges.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 2.2.1

Vendor Advisory: http://mubu.com/doc/d5501245199

Restart Required: Yes

Instructions:

1. Download latest Mubu version from official website.
2. Uninstall current version.
3. Install updated version.
4. Restart system to ensure all components are updated.

🔧 Temporary Workarounds

Restrict local user access

all

Limit which users can access systems running Mubu software

Implement least privilege

all

Run Mubu with minimal necessary privileges using application control or sandboxing

🧯 If You Can't Patch

  • Remove Mubu 2.2.1 from production systems entirely
  • Implement strict network segmentation to isolate systems running vulnerable Mubu versions

🔍 How to Verify

Check if Vulnerable:

Check Mubu version: On Windows, check 'About' in Mubu application or check installed programs list. On Linux/macOS, check application version in About menu or package manager.

Check Version:

Windows: wmic product where name='Mubu' get version
Linux/macOS: Check application About menu or package manager

Verify Fix Applied:

Verify Mubu version is greater than 2.2.1 and test privilege escalation attempts fail.

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts
  • Suspicious process creation from Mubu context
  • Failed authorization attempts followed by successful privilege changes

Network Indicators:

  • Unusual outbound connections from systems running Mubu
  • Lateral movement attempts from previously compromised hosts

SIEM Query:

Process creation where parent_process contains 'mubu' and (process contains 'cmd.exe' or process contains 'powershell.exe' or process contains 'bash')
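
The SIEM query above, written out as an added Python example (not from the vendor or the original advisory) and run over constructed process-creation events. The field names `parent_image`, `image` and `host` are assumptions; map them to whatever your EDR or Sysmon pipeline emits. The example matches on the executable's base name rather than the full path, which is a tightening of the query's "contains" wording.

```python
import json
import re

# Child process names taken from the SIEM query above.
SHELLS = {"cmd.exe", "powershell.exe", "bash"}

def basename(path):
    """Last path component, lower-cased; accepts both \\ and / separators."""
    return re.split(r"[\\/]", path.strip().strip('"'))[-1].lower()

def is_suspicious(event):
    """True when a process whose name contains 'mubu' spawns a listed shell."""
    parent = basename(str(event.get("parent_image", "")))
    child = basename(str(event.get("image", "")))
    # Base-name matching avoids hits on unrelated binaries that merely
    # live under a directory with 'mubu' in its path.
    return "mubu" in parent and child in SHELLS

def scan(lines):
    """Return matching events from JSON-lines input, skipping malformed rows."""
    hits = []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or non-JSON log line
        if isinstance(event, dict) and is_suspicious(event):
            hits.append(event)
    return hits

# Constructed sample events (hypothetical hosts and paths, not real telemetry).
SAMPLE = [
    r'{"host":"ws01","parent_image":"C:\\Program Files\\Mubu\\Mubu.exe","image":"C:\\Windows\\System32\\cmd.exe"}',
    r'{"host":"lx02","parent_image":"/opt/Mubu/mubu","image":"/bin/bash"}',
    r'{"host":"ws03","parent_image":"C:\\Windows\\explorer.exe","image":"C:\\Windows\\System32\\powershell.exe"}',
    r'{"host":"ws04","parent_image":"C:\\Program Files\\Mubu\\Mubu.exe","image":"C:\\Program Files\\Mubu\\Mubu.exe"}',
    r'{"host":"ws05","parent_image":"C:\\Users\\a\\mubu-notes\\editor.exe","image":"C:\\Windows\\System32\\cmd.exe"}',
    'not json at all',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit["host"], hit["parent_image"], "->", hit["image"])
```
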
