Fleet, the open-source endpoint management platform built on osquery, ships with a SQL injection vulnerability in its MDM bootstrap package configuration. An authenticated user with Team Admin or Global Admin privileges can exploit it to alter database queries, steal sensitive data like password hashes and API tokens, corrupt cross-team configurations, and inject malicious content. This affects Fleet v4 instances where Apple MDM is enabled. Patch now—it’s rated medium severity, but the blast radius inside a compromised admin account is wide.
Fleet handles device telemetry and management for thousands of organizations, querying endpoints via osquery for security monitoring, compliance, and incident response. Its database stores critical assets: user credentials, API keys for integrations, MDM push certificates, and team-specific policies. With over 10,000 GitHub stars and adoption by firms like Shopify and Urban Dictionary, downtime or breaches here disrupt entire security operations. This vulnerability, published as an advisory by Fleet's team, stems from insufficient server-side validation of user input during MDM bootstrap package setup, the process that generates enrollment profiles for Apple devices.
Exploitation Mechanics
Attackers holding one of those roles hit the API directly, crafting inputs that slip past validation and inject SQL into the queries that handle team configuration. Fleet's code, in the github.com/fleetdm/fleet/v4 module, does not sanitize these fields properly. There is no unauthenticated path; exploitation requires login credentials for a Team Admin or Global Admin. Once authenticated, the injection can read arbitrary database tables or write corrupt data. Secfox Research Team discovered and reported it responsibly; credit where due.
No proof-of-concept is public, but the advisory confirms the real risks: exfiltration of password hashes (likely bcrypt or similar), API tokens used for osquery enrollment, and team metadata. In multi-team setups, a rogue Team Admin can reach data that should be visible only to Global Admins. The injection also lets an attacker rewrite configurations, potentially breaking MDM enrollments or pushing rogue policies to devices. Apple MDM must be enabled for the vulnerable path to be reachable; with it disabled, the issue is not exposed. Fleet's v4 branch sees frequent updates, so check the version pinned in your go.mod or Docker image tag to determine exposure.
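The defect class described above, shown as an added example that is not Fleet's code: the table, column and type names (bootstrap_packages, sha256, Caller and its fields) are hypothetical, and Fleet's real queries and authorization layer are not reproduced here. It places a lookup that splices the request's team ID into SQL text beside a hardened version that validates the value, binds it as a parameter, and scopes the read to teams the caller administers, which is the cross-team boundary the advisory is about.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
)

// Caller is a constructed stand-in for the authenticated Fleet user; the
// fields are hypothetical, not Fleet's real session or authorization types.
type Caller struct {
	GlobalAdmin bool
	TeamAdminOf map[uint]bool
}

var ErrInvalidTeamID = errors.New("team_id must be a positive integer")
var ErrForbidden = errors.New("caller does not administer that team")

// vulnerableLookup is the "before": the request's team_id is spliced into the
// SQL text, so the query's structure depends on caller input. Comparison only.
func vulnerableLookup(teamID string) string {
	return "SELECT name, sha256 FROM bootstrap_packages WHERE team_id = " + teamID
}

// safeLookup returns constant SQL plus the bound argument. The input is
// type-checked before it goes near SQL, and the lookup is scoped to teams the
// caller administers: a Team Admin asking for another team's package is
// refused even though the value itself parses cleanly.
func safeLookup(c Caller, teamID string) (string, []interface{}, error) {
	id64, err := strconv.ParseUint(teamID, 10, 32)
	if err != nil || id64 == 0 {
		return "", nil, ErrInvalidTeamID
	}
	id := uint(id64)
	if !c.GlobalAdmin && !c.TeamAdminOf[id] {
		return "", nil, ErrForbidden
	}
	sql := "SELECT name, sha256 FROM bootstrap_packages WHERE team_id = ?"
	return sql, []interface{}{id}, nil
}

func main() {
	admin := Caller{TeamAdminOf: map[uint]bool{3: true}} // admin of team 3 only
	for _, in := range []string{"3", "5", "3 OR 1=1"} { // constructed inputs
		fmt.Println("vulnerable:", vulnerableLookup(in))
		sql, args, err := safeLookup(admin, in)
		fmt.Println("safe:", sql, args, err)
	}
}
```

The parameterized form is the one to hand to database/sql (or sqlx in a Go service) as query text plus args; the scope check is what stops a valid ID for the wrong team from leaking cross-team data.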
Why This Matters
Organizations run Fleet for visibility into macOS, Windows, and Linux fleets—think SOC teams correlating osquery logs with threats. A breach exposes not just Fleet data, but pivots to enrolled devices. Stolen API tokens enroll attacker-controlled agents; corrupted configs halt compliance audits. In regulated sectors like finance or healthcare, this triggers breach notifications under GDPR or HIPAA.
Broader lesson: endpoint tools remain juicy targets. Fleet's rise challenges proprietary MDM like Jamf or Intune, but open-source speed trades polish for features. This SQLi echoes classics like Log4Shell in scope: auth-bounded, yet devastating if admins rotate credentials poorly. Statistics from comparable incidents: 60% of breaches involve credential abuse (Verizon DBIR 2023). Limit the blast radius with RBAC; Global Admins should be scarce and audited via Fleet's own query packs.
The implications hit users hard. Small teams might ignore MDM, but enterprises with 1,000+ Apple devices face mass re-enrollment after exploitation. Cross-team corruption? Imagine HR's policies overwriting engineering's: chaos. Exfiltrated hashes can be cracked offline with GPUs; tokens can be revoked manually, but at scale that is painful.
Mitigation Steps
Upgrade to the latest v4 release; Fleet patches fast, often same-day. The advisory does not name a fixed version, so build from main:
git clone https://github.com/fleetdm/fleet
cd fleet
git checkout main
make build
Or use the Docker image fleetdm/fleet:latest. Verify the running version with fleetctl version.
Workarounds: Disable Apple MDM in settings, or revoke Team/Global Admin access temporarily. Audit logs via Fleet’s API for suspicious config changes. Rotate all API tokens and passwords post-incident. Enable query-based logging on admin actions.
Contact security@fleetdm.com or #fleet on osquery Slack for details. This isn’t panic territory—requires insider access—but treat it as a wake-up. Fleet’s transparency shines; most vendors bury advisories. Stay vigilant: validate inputs, segment teams, monitor admins. Your fleet depends on it.