Lua Code Execution Vulnerability in Suricata by Open Information Security Foundation
CVE-2023-35853

9.8CRITICAL

Key Information:

Vendor

Oisf

Status
Suricata
Vendor
CVE Published:
19 June 2023

What is CVE-2023-35853?

Prior to version 6.0.13, Suricata is susceptible to a vulnerability that allows an attacker with control over Lua rules to execute arbitrary Lua code. This poses significant security risks, as it can enable malicious actions within the system. The issue has been mitigated in version 6.0.13 by altering the default Lua configuration to disable code execution unless explicitly permitted via the allow-rules setting.

References

https://github.com/OISF/suricata/compare/suricata-6.0.12....
https://www.stamus-networks.com/stamus-labs
https://github.com/OISF/suricata/commit/b95bbcc66db526ffc...

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2023-35853 : Lua Code Execution Vulnerability in Suricata by Open Information Security Foundation