#VU72163 Use of Potentially Dangerous Function in Ghidra - CVE-2023-22671
Published: February 14, 2023
Vulnerability identifier: #VU72163
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-22671
CWE-ID: CWE-676
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Ghidra
Ghidra
Software vendor:
National Security Agency
National Security Agency
Description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to Ghidra client application on Linux and macOS uses the eval command for processing arguments passed to the launch.ch script to start the application. A remote attacker can pass specially crafted input to the application and execute arbitrary OS commands on the system.
Note, the vulnerability can be exploited against the Ghidra client application running as a service on a remote machine and passed untrusted input directly as a Ghidra command line argument.
Remediation
Install updates from vendor's website.