XML Entity Expansion in Ghidra - CVE-2019-16941
Published: September 30, 2019 / Updated: January 6, 2023
Vulnerability identifier: #VU21434
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2019-16941
CWE-ID: CWE-776
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: National Security Agency
Affected software:
Ghidra
Ghidra
Detailed vulnerability description
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to improper input validation when parsing XML files in the Bit Patterns Explorer feature in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. A remote attacker can create a specially crafted XML document, trick the victim into opening it via the Read XML Files feature and execute arbitrary code on the system with privilege of the current user.
How to mitigate CVE-2019-16941
Install update from vendor's website.