Permissions, Privileges, and Access Controls in Realm Shim

#VU21931 Permissions, Privileges, and Access Controls in Realm Shim

Published: 2019-10-18

Vulnerability identifier: #VU21931

Vulnerability risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Realm Shim
Web applications / Modules and components for CMS

Vendor: Agoric Systems Operating Company

Description
The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to an error in the transformation pipeline that exposed a primal-Realm object to one of the transform functions. A remote attacker can escape the sandbox, compromise the Realm which created it and compromise the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Realm Shim: 1.1.0 - 1.2.0

External links
http://www.npmjs.com/advisories/1218
http://github.com/Agoric/realms-shim/security/advisories/GHSA-7cg8-pq9v-x98q

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Sandbox bypass in Agoric Realm Shim npm package