#VU21434 XML Entity Expansion in Ghidra - CVE-2019-16941
Published: September 30, 2019 / Updated: January 6, 2023
Vulnerability identifier: #VU21434
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2019-16941
CWE-ID: CWE-776
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Ghidra
Ghidra
Software vendor:
National Security Agency
National Security Agency
Description
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to improper input validation when parsing XML files in the Bit Patterns Explorer feature in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. A remote attacker can create a specially crafted XML document, trick the victim into opening it via the Read XML Files feature and execute arbitrary code on the system with privilege of the current user.
Remediation
Install update from vendor's website.