PatchSiren

CVE-2021-44795 Krontech CVE debrief

A missing authorization check in Krontech Single Connect's sc-assigned-credential-ui module allows unauthenticated remote attackers to modify user permissions, including deletion of permissions belonging to other users. The vulnerability affects versions prior to 2.16 and was assigned a CVSS 3.1 score of 5.3 (Medium severity). The issue was publicly disclosed on January 27, 2022, with the NVD record last modified on May 18, 2026. Turkish government cybersecurity authorities (USOM/TR-CERT) issued advisory TR-22-0093 documenting this vulnerability.

Vendor: Krontech
Product: Single Connect
CVSS: MEDIUM 5.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2022-01-27
Original CVE updated: 2026-05-18
Advisory published: 2022-01-27
Advisory updated: 2026-05-18

Who should care

Organizations running Krontech Single Connect versions prior to 2.16, particularly those exposing administrative interfaces to broader networks, and security teams responsible for privileged access management (PAM) infrastructure.

Technical summary

The sc-assigned-credential-ui module in Krontech Single Connect fails to perform authorization checks, enabling unauthenticated remote attackers to modify user permissions, including deletion of other users' permissions. The flaw is reachable over the network with low attack complexity.

Defensive priority

Medium

Recommended defensive actions

  • Upgrade Krontech Single Connect to version 2.16 or later to remediate the missing authorization check in the sc-assigned-credential-ui module.
  • Review and audit user permission configurations for unauthorized modifications if running affected versions prior to upgrade.
  • Implement network segmentation to restrict access to Single Connect administrative interfaces to authorized administrative hosts only.
  • Monitor access logs for the sc-assigned-credential-ui module for anomalous permission modification activity.
  • Verify that authorization controls are enforced consistently across all administrative modules in Single Connect deployments.
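
One way to carry out the log-monitoring and segmentation checks above, as an added example (not Krontech's or PatchSiren's code): it flags state-changing requests to the module that carry no authenticated user or come from outside the administrative networks. Assumptions: a reverse proxy in front of Single Connect writes Combined Log Format, the module name appears in the request path, and the allowlist, paths and log lines are constructed placeholders.

```python
import ipaddress
import re

# Assumptions (not from the advisory): Combined Log Format from a fronting
# reverse proxy, and the module name visible in the request path.
MODULE = "sc-assigned-credential-ui"
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}
ADMIN_NETS = [ipaddress.ip_network("10.10.5.0/24")]  # constructed allowlist
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def review(lines):
    """Return findings for state-changing module requests that are
    unauthenticated or originate outside the admin networks."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        if not m or MODULE not in m["path"].lower() or m["method"] not in STATE_CHANGING:
            continue
        reasons = []
        if m["user"] == "-":  # proxy logged no authenticated identity
            reasons.append("no authenticated user")
        try:
            src = ipaddress.ip_address(m["ip"])
            if not any(src in net for net in ADMIN_NETS):
                reasons.append("source outside admin networks")
        except ValueError:
            reasons.append("unparseable source address")
        if reasons:
            findings.append({"line": n, "ip": m["ip"], "method": m["method"],
                             "status": int(m["status"]), "reasons": reasons})
    return findings

# Constructed sample log lines; PLACEHOLDER is not a real endpoint.
SAMPLE = [
    '10.10.5.20 - alice [27/Jan/2022:09:14:02 +0000] "POST /sc-assigned-credential-ui/PLACEHOLDER HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [27/Jan/2022:09:15:10 +0000] "DELETE /sc-assigned-credential-ui/PLACEHOLDER HTTP/1.1" 200 87 "-" "curl/7.79"',
    '192.0.2.44 - - [27/Jan/2022:09:15:11 +0000] "GET /sc-assigned-credential-ui/PLACEHOLDER HTTP/1.1" 200 1024 "-" "curl/7.79"',
    '10.10.5.21 - - [27/Jan/2022:09:16:40 +0000] "POST /sc-assigned-credential-ui/PLACEHOLDER HTTP/1.1" 403 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in review(SAMPLE):
        print(finding)
```

A finding with a 2xx status on an unpatched version is the case to compare against the permission audit; a 4xx finding still shows the interface is reachable from where it should not be.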

Evidence notes

Vulnerability confirmed via NVD CPE criteria (cpe:2.3:a:krontech:single_connect:*:*:*:*:*:*:*:*, versionEndExcluding:2.16) and USOM advisory TR-22-0093. CWE-862 (Missing Authorization) identified by both USOM and NVD. CVSS vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N indicates network-accessible attack with low complexity, no privileges required, and no user interaction needed.
