CVE-2023-32559

CWE-269 — Improper Privilege Management CWE-94 — Code Injection9 documents8 sources

Severity

7.5HIGH

EPSS

0.1%

top 81.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nodejs Node Nodejs Node.js

Timeline

PublishedAug 24

Latest updateJun 10

Description

A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5nodejs/node4.0 — 4.*+16

▶Debiannodejs< 12.22.12~dfsg-1~deb11u5+3

▶NVDnodejs/node.js16.0.0 — 16.20.1+2

🔴Vulnerability Details

OSV

nodejs vulnerabilities↗2024-06-10

▶

CVEList

CVE-2023-32559: A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16↗2023-08-24

▶

GHSA

GHSA-g467-j8jp-rq97: A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16↗2023-08-24

▶

OSV

CVE-2023-32559: A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16↗2023-08-24

▶

📋Vendor Advisories

Ubuntu

Node.js vulnerabilities↗2024-06-10

▶

Red Hat

nodejs: Permissions policies can be bypassed via process.binding↗2023-08-09

▶

Microsoft

A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x 18.x and 20.x. The use of the deprecated API `process.binding()` can bypass the polic↗2023-08-08

▶

Debian

CVE-2023-32559: nodejs - A privilege escalation vulnerability exists in the experimental policy mechanism...↗2023

▶