Rust standard library vulnerable to arbitrary shell command execution
CVE-2024-24576
What is CVE-2024-24576?
CVE-2024-24576 is a critical vulnerability found in the Rust programming language's standard library prior to version 1.77.2. Rust is designed for system-level programming, emphasizing safety and performance. However, this vulnerability allows an attacker to execute arbitrary shell commands on Windows systems by improperly handling arguments passed to batch files. Organizations that rely on Rust for deploying applications, especially on Windows, face potential risks of malicious command execution, leading to unauthorized access and system compromise.
Technical Details
The vulnerability arises from the way the Rust standard library interacts with the Windows API when spawning processes. Specifically, the Command APIs in Rust, which are supposed to pass arguments securely without shell evaluation, were found to inadequately escape arguments for batch files (.bat and .cmd) on Windows. This shortcoming enables an attacker who can control the input arguments to bypass the intended safety measures, resulting in arbitrary command execution. Affected versions of the standard library fail to handle the unique argument parsing of cmd.exe, leading to the exploitation risk.
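As an added defence-in-depth example (not code from this advisory or from the Rust project), the wrapper below refuses to hand arguments containing cmd.exe metacharacters to a .bat or .cmd target, which is exactly the case the vulnerability concerns, while leaving arguments to ordinary executables untouched; the function names and the metacharacter set are my own choices. Updating to Rust 1.77.2 remains the primary fix.

```rust
use std::path::Path;
use std::process::Command;

/// cmd.exe gives these characters special meaning when it re-parses the
/// command line handed to a batch file; quoting alone does not neutralise them.
const CMD_METACHARS: &[char] = &['&', '|', '<', '>', '^', '%', '!', '"', '\r', '\n'];

/// True when `program` names a Windows batch file (case-insensitive extension check).
pub fn is_batch_file(program: &str) -> bool {
    Path::new(program)
        .extension()
        .and_then(|e| e.to_str())
        .map(|e| e.eq_ignore_ascii_case("bat") || e.eq_ignore_ascii_case("cmd"))
        .unwrap_or(false)
}

/// Returns the first cmd.exe metacharacter found in `arg`, if any.
pub fn find_cmd_metachar(arg: &str) -> Option<char> {
    arg.chars().find(|c| CMD_METACHARS.contains(c))
}

/// Builds a `Command`, rejecting any argument cmd.exe could reinterpret when the
/// target is a batch file. Other executables get their arguments without shell
/// evaluation, so they pass through unchanged. (Assumed helper, not std API.)
pub fn build_command(program: &str, args: &[&str]) -> Result<Command, String> {
    if is_batch_file(program) {
        for arg in args {
            if let Some(c) = find_cmd_metachar(arg) {
                return Err(format!(
                    "refusing to pass {arg:?} to batch file {program}: contains {c:?}"
                ));
            }
        }
    }
    let mut cmd = Command::new(program);
    cmd.args(args);
    Ok(cmd)
}

fn main() {
    // Constructed inputs: a benign file name and one carrying a command separator.
    for arg in ["report.txt", "report.txt & dir"] {
        match build_command("deploy.bat", &[arg]) {
            Ok(_) => println!("accepted {arg:?}"),
            Err(e) => println!("rejected: {e}"),
        }
    }
}
```

The `Command` is only constructed, not spawned, so the check itself runs on any platform.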
Impact of the Vulnerability
- Arbitrary Command Execution: Attackers can execute any shell command of their choice, potentially leading to unauthorized access, data manipulation, or system control.
- Compromise of System Integrity: Successful exploitation can lead to a complete compromise of the affected applications or systems, increasing the risk of further attacks or malware propagation.
- Risk to Application Reliability: The presence of this vulnerability could undermine the integrity and reliability of applications built with Rust, especially those handling untrusted input, necessitating immediate updates and security reviews to mitigate risks effectively.
Affected Version(s)
rust < 1.77.2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
News Articles
Command injection attacks likely with critical Rust vulnerability
Windows devices could be targeted with command injection attacks exploiting the maximum severity Rust standard library vulnerability, tracked as CVE-2024-24576, The Hacker News reports.
"BatBadBut" Vulnerability Discovered in Rust Standard Library on Windows - Cyber Kendra
Recent CVE-2024-24576 vulnerability on Rust could help run unauthorized commands
The vulnerability, flagged as CVE-2024-24576, will be gone in Rust version 1.77.2, as announced. What does it actually do?
EPSS Score
70% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- Public PoC available
- Exploit known to exist
- Vulnerability reached the number 1 worldwide trending spot
- Vulnerability started trending
- First article discovered by BleepingComputer
- Vulnerability published
- Vulnerability reserved