#VU60736 Code Injection in expat


Published: 2022-02-21 | Updated: 2022-06-17

Vulnerability identifier: #VU60736

Vulnerability risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-25235

CWE-ID: CWE-94

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
expat
Universal components / Libraries / Libraries used by multiple products

Vendor: libexpat.org

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the affected application lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. A remote attacker can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

expat: 1.95.0 - 2.4.4

External links
http://github.com/libexpat/libexpat/pull/562
http://www.openwall.com/lists/oss-security/2022/02/19/1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Hitachi Energy AFS65x, AFF66x, AFS67x and AFR67x Series Products
Multiple vulnerabilities in Dell Unity, Dell UnityVSA, and Dell Unity XT
Multiple vulnerabilities in Dell XtremIO X2
Multiple vulnerabilities in Nessus Network Monitor
Multiple vulnerabilities in Oracle VM Server for x86
Multiple vulnerabilities in Junos OS
Multiple vulnerabilities in IBM Cloud Pak for Security (CP4S)
Multiple vulnerabilities in Netcool Operations Insight
openEuler 22.03 LTS update for firefox
openEuler 22.03 LTS update for expat