Security researchers have disclosed memory corruption vulnerabilities in open-source Virtual Network Computing (VNC) systems and warned that exploiting them could lead to remote code execution affecting users. According to shodan.io, more than 600,000 VNC servers are accessible from the global network. The real number of VNC installations is many times higher, however, once devices that are accessible only within local networks are taken into account.
VNC systems provide remote access from one device to another using the remote framebuffer (RFB) protocol. According to researchers at cybersecurity firm Kaspersky, VNC systems have become some of the most popular desktop sharing tools to date because they are available on multiple platforms and in multiple open-source versions. Approximately 32 per cent of industrial network computers have some form of remote administration tool installed, including VNC, and these tools are actively used in automated industrial facilities to enable remote control of systems.
-- Researchers say the prevalence of VNC systems, and of vulnerable ones in particular, is a significant issue for the industrial sector.
-- Potential damages can bring significant losses through disruption of complex production processes.
-- Researchers also studied some of the most popular VNC systems, such as LibVNC, UltraVNC, TightVNC 1.X and TurboVNC.
-- Although other researchers had analyzed VNC systems previously, it turned out that not all vulnerabilities were uncovered and patched at that time.
-- According to the researchers, 37 CVE records were created for the various vulnerabilities.
-- Vulnerabilities were found not only on the client side but also on the server side of the system.
-- Some of the VNC systems can allow remote code execution.
-- Vulnerable VNC systems could allow a malicious actor to make arbitrary changes on the attacked systems.
-- Many server-side vulnerabilities could only be exploited after password authentication.
-- Some servers do not allow password-free access to be set up.
Pavel Cheremushkin, Kaspersky ICS CERT Vulnerability Researcher, said: “I was surprised to see the simplicity of discovered vulnerabilities, especially considering their significant lifetime. This means that attackers could have noticed and taken advantage of the vulnerabilities a long time ago. Moreover, some classes of vulnerabilities are present in many open-source projects and remain there even after refactoring of the codebase, which included vulnerable code.”