Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2024-27303

Good to know:

icon

Date: March 6, 2024

electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the `.nsh` installer script. NSExec by default searches the current directory of where the installer is located before searching `PATH`. This means that if an attacker can place a malicious executable file named cmd.exe in the same folder as the installer, the installer will run the malicious file. Version 24.13.2 fixes this issue. No known workaround exists. The code executes at the installer-level before the app is present on the system, so there's no way to check if it exists in a current installer.

Language: JS

Severity Score

Related Resources (5)

https://github.com/electron-userland/electron-builder/pull/8059
https://github.com/electron-userland/electron-builder/security/advisories/GHSA-r4pf-3v7r-hh55
https://github.com/electron-userland/electron-builder/commit/8f4acff3c2d45c1cb07779bb3fe79644408ee387
https://nvd.nist.gov/vuln/detail/CVE-2024-27303
https://www.mend.io/vulnerability-database/CVE-2024-27303

Severity Score

Weakness Type (CWE)

Uncontrolled Search Path Element

CWE-427

Untrusted Search Path

CWE-426

Top Fix

icon

Upgrade Version

Upgrade to version app-builder-lib - 24.13.2

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us