{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/products/vm2--3.10.4/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":["vm2 (\u003c= 3.10.4)"],"_cs_severities":["critical"],"_cs_tags":["sandbox-escape","rce","vm2"],"_cs_type":"advisory","_cs_vendors":["npm"],"content_html":"\u003cp\u003eThe vm2 library, a popular Node.js sandbox environment, is susceptible to a critical sandbox breakout vulnerability. This flaw allows malicious code executed within the vm2 sandbox to escape its confines and execute arbitrary commands on the host operating system. The vulnerability leverages the \u003ccode\u003e__lookupGetter__\u003c/code\u003e method to bypass context isolation and gain access to host-level functions and objects. Earlier mitigations for similar escapes are circumvented by reading the \u003ccode\u003econstructor\u003c/code\u003e property through \u003ccode\u003eObject.getOwnPropertyDescriptor\u003c/code\u003e instead of accessing it directly. The vulnerability affects vm2 versions 3.10.4 and earlier. Exploitation gives the attacker arbitrary code execution with the privileges of the Node.js process that hosts the vm2 sandbox; wherever untrusted input reaches that sandbox this amounts to remote code execution and can lead to full compromise of the host.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker injects malicious JavaScript into the vm2 sandbox.\u003c/li\u003e\n\u003cli\u003eThe injected code obtains a reference to \u003ccode\u003e__lookupGetter__\u003c/code\u003e, the legacy \u003ccode\u003eObject.prototype\u003c/code\u003e method that returns the getter function defined for a named property.\u003c/li\u003e\n\u003cli\u003eIt also takes the \u003ccode\u003eapply\u003c/code\u003e method from the \u003ccode\u003eBuffer\u003c/code\u003e object as exposed inside the sandbox.\u003c/li\u003e\n\u003cli\u003eIt uses that \u003ccode\u003eapply\u003c/code\u003e to invoke the host version of \u003ccode\u003e__lookupGetter__\u003c/code\u003e with \u003ccode\u003eBuffer\u003c/code\u003e as the receiver and \u003ccode\u003e__proto__\u003c/code\u003e as the property name, so that the call resolves in the host context and returns the host\u0026rsquo;s prototype lookup getter.\u003c/li\u003e\n\u003cli\u003eApplying that getter walks the host prototype chain up to the host\u0026rsquo;s \u003ccode\u003eFunction.prototype\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003econstructor\u003c/code\u003e property of that \u003ccode\u003eFunction.prototype\u003c/code\u003e is read with \u003ccode\u003eObject.getOwnPropertyDescriptor\u003c/code\u003e rather than by a direct property access, sidestepping the mitigations applied against earlier escapes.\u003c/li\u003e\n\u003cli\u003eThe host \u003ccode\u003eFunction\u003c/code\u003e constructor is used to build a function that returns the host \u003ccode\u003eprocess\u003c/code\u003e object, which grants access to the Node.js runtime on the host.\u003c/li\u003e\n\u003cli\u003eFrom there the code reaches \u003ccode\u003echild_process.execSync\u003c/code\u003e and runs arbitrary commands on the host system (e.g., \u003ccode\u003etouch pwned\u003c/code\u003e).\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation lets an attacker execute arbitrary code on the host system with the privileges of the Node.js process, in vm2 versions up to and including 3.10.4. Because applications adopt a sandbox precisely to run code they do not trust, the consequences are severe: sensitive data exposure and exfiltration, denial of service, complete takeover of the host, and a foothold for lateral movement within the network.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to a patched version of vm2 greater than 3.10.4 to remediate CVE-2026-24118.\u003c/li\u003e\n\u003cli\u003eImplement strict input validation and sanitization to minimize the risk of malicious code being injected into the vm2 sandbox. Validation does not restore the sandbox as a security boundary: any code that reaches an affected vm2 instance can escape, so run the Node.js process with least privilege and inside an OS-level isolation layer (a container or a dedicated low-privilege account) so that a breakout does not equate to host compromise.\u003c/li\u003e\n\u003cli\u003eMonitor process creation events on the host for children of Node.js processes; a new process with a \u003ccode\u003enode\u003c/code\u003e parent is the observable trace of a sandbox escape (see the process_creation Sigma rule below).\u003c/li\u003e\n\u003cli\u003eA \u003ccode\u003echild_process.execSync\u003c/code\u003e call made inside the sandbox is not visible to the host as such, but it surfaces as a shell or command spawned with a \u003ccode\u003enode\u003c/code\u003e parent; alert on that pattern to detect exploitation attempts (see the \u003ccode\u003enodejs_child_process_exec\u003c/code\u003e Sigma rule).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-03T12:00:00Z","date_published":"2024-01-03T12:00:00Z","id":"/briefs/2024-01-vm2-sandbox-breakout/","summary":"VM2 is vulnerable to a sandbox breakout via the `__lookupGetter__` method, enabling attackers to execute arbitrary commands on the host system by exploiting cross-context calls and property descriptor manipulation, leading to remote code execution.","title":"VM2 Sandbox Escape via __lookupGetter__ Vulnerability","url":"https://feed.craftedsignal.io/briefs/2024-01-vm2-sandbox-breakout/"}],"language":"en","title":"CraftedSignal Threat Feed — Vm2 (\u003c= 3.10.4)","version":"https://jsonfeed.org/version/1.1"}