CVE-2022-43516

Summary

A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)

Affected Software

VendorProductVersion RangeStatus
ZabbixZabbix agent (MSI packages)Oct. 29, 2022 - Dec 2, 2022affected
ZabbixZabbix agent (MSI packages)Dec 3, 2022 < unspecifiedunaffected
ZabbixZabbix agent 2 (MSI packages)Oct. 29, 2022 - Dec 2, 2022affected
ZabbixZabbix agent 2 (MSI packages)Dec 3, 2022 < unspecifiedunaffected

Weaknesses

  • CWE-16: CWE-16 Configuration

Workarounds

If an immediate update is not possible, change the applied local firewall rule to allow the agent port only.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References