Main Vulnerability Database SB2020072019

SB2020072019 - Remote command execution in radare2

Published: July 20, 2020 Updated: August 3, 2020

Security Bulletin ID SB2020072019

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) OS Command Injection (CVE-ID: CVE-2020-15121)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation when processing PDB file names. A remote unauthenticated attacker can rick the victim to open a specially crafted file in radare2 and run idpd to trigger the download. Successful exploitation of the vulnerability may allow an attacker to execute arbitrary OS commands on the system.

Remediation

Install update from vendor's website.

References

https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9
https://github.com/radareorg/radare2/issues/16945
https://github.com/radareorg/radare2/pull/16966
https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358