{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/intake/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Intake"],"_cs_severities":["critical"],"_cs_tags":["rce","vulnerability","intake"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eThe Intake package, used for data discovery and loading, contains a critical vulnerability (CVE-2026-33310) in versions prior to 2.0.9. This vulnerability stems from the automatic expansion of the \u003ccode\u003eshell()\u003c/code\u003e syntax within parameter default values when a catalog is parsed. Specifically, if a catalog YAML file contains a parameter default such as \u003ccode\u003eshell(\u0026lt;command\u0026gt;)\u003c/code\u003e, the enclosed command is executed by the system during the catalog parsing process. This allows an attacker to craft a malicious catalog YAML file containing arbitrary commands. If a user loads this malicious catalog using a vulnerable version of Intake, the embedded commands will execute on the host system, leading to remote code execution. This issue has been addressed in Intake version 2.0.9 by setting \u003ccode\u003egetshell\u003c/code\u003e to False by default, effectively disabling this dangerous behavior. This vulnerability poses a significant risk to systems using vulnerable Intake versions, as attackers could potentially gain full control over affected machines.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker crafts a malicious YAML catalog file. This file includes a parameter default value that utilizes the \u003ccode\u003eshell()\u003c/code\u003e syntax to inject arbitrary commands. For example, \u003ccode\u003eshell(malicious_command)\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker delivers the malicious YAML catalog file to the victim. This might involve social engineering or other means of tricking the user into using the file.\u003c/li\u003e\n\u003cli\u003eThe victim, running a vulnerable version of Intake (prior to 2.0.9), attempts to load the malicious catalog YAML file. This could be done through an Intake function call or a command-line tool.\u003c/li\u003e\n\u003cli\u003eIntake parses the YAML catalog file. As it encounters the \u003ccode\u003eshell()\u003c/code\u003e syntax within the parameter default value, it automatically attempts to expand it.\u003c/li\u003e\n\u003cli\u003eThe embedded command within the \u003ccode\u003eshell()\u003c/code\u003e syntax is executed on the host system with the privileges of the user running the Intake process.\u003c/li\u003e\n\u003cli\u003eThe attacker gains arbitrary code execution on the victim's system. This could involve installing malware, creating new user accounts, or exfiltrating sensitive data.\u003c/li\u003e\n\u003cli\u003eThe attacker establishes persistence on the compromised system to maintain access, often by creating a scheduled task or modifying system startup scripts.\u003c/li\u003e\n\u003cli\u003eThe attacker performs lateral movement within the network, leveraging the compromised system to access other sensitive systems and data.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-33310 allows an attacker to execute arbitrary commands on the system running the vulnerable Intake package. This can lead to complete system compromise, data theft, and potentially lateral movement within the network. The severity is high due to the ease of exploitation (simply loading a malicious YAML file) and the potential for significant damage. While the specific number of affected installations is unknown, organizations using Intake for data processing and analysis are at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the Intake package to version 2.0.9 or later to mitigate CVE-2026-33310 (see Overview).\u003c/li\u003e\n\u003cli\u003eImplement strict validation and sanitization of any catalog YAML files loaded by Intake, even after upgrading, to prevent similar vulnerabilities (see Attack Chain).\u003c/li\u003e\n\u003cli\u003eMonitor process creation events for unexpected command execution originating from the Python interpreter or related Intake processes, using the provided Sigma rule (Detect Suspicious Intake Catalog Execution).\u003c/li\u003e\n\u003cli\u003eEnable file integrity monitoring for Intake catalog files to detect unauthorized modifications, which can be indicative of malicious activity.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-23T12:00:00Z","date_published":"2024-01-23T12:00:00Z","id":"https://feed.craftedsignal.io/briefs/2024-01-intake-rce/","summary":"A remote code execution vulnerability exists in Intake versions prior to 2.0.9 due to the automatic expansion of the `shell()` syntax within parameter default values during catalog parsing, allowing an attacker to execute arbitrary commands by loading a malicious catalog YAML file.","title":"Intake Package Remote Code Execution via Malicious Catalog","url":"https://feed.craftedsignal.io/briefs/2024-01-intake-rce/"}],"language":"en","title":"CraftedSignal Threat Feed - Intake","version":"https://jsonfeed.org/version/1.1"}