CVE-2024-24576

Severity: 10.0 CRITICAL
EPSS: 79.2% (top 0.93%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 9; Latest update Nov 22

Description

Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command` API. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. The severity of this vulnerability is critical for those who invoke batch files on Windows with untrus

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 6.0

Affected Packages (2 packages)

CVEList V5: rust-lang/rust < 1.77.2 (+1)
NVD: rust-lang/rust < 1.77.2

Also affects: Fedora 38, 39, 40

🔴Vulnerability Details (1)

CVEList: Rust's `std::process::Command` did not properly escape arguments of batch files on Windows (2024-04-09)

📋Vendor Advisories (3)

Red Hat: rust: Rust standard library did not properly escape arguments when invoking batch files on Windows using the Command API (2024-09-04)
Red Hat: rust: Fail to Escape Arguments Properly in Microsoft Windows (2024-04-09)
Debian: CVE-2024-24576: rustc - Rust is a programming language. The Rust Security Response WG was notified that ... (2024)

🕵️Threat Intelligence (1)

Bleepingcomputer: Critical Rust flaw enables Windows command injection attacks (2024-04-09)

💬Community (1)

HackerOne: `std::process::Command` batch files argument escaping could be bypassed with trailing whitespace or periods (2024-11-22)
CVE-2024-24576 (CRITICAL CVSS 10) | Rust is a programming language | cvebase.io