Path Traversal Vulnerability in NSA Ghidra by National Security Agency
CVE-2019-13623
7.8 HIGH
What is CVE-2019-13623?
In NSA Ghidra versions prior to 9.1, a path traversal vulnerability exists in RestoreTask.java. An archive containing an executable file whose filename starts with '../' can cause arbitrary files to be overwritten, including critical modules of the Ghidra framework, which may enable arbitrary code execution. The scenario arises particularly when analysis results are shared among users.
