{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cpi-bypass/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["anchor-lang"],"_cs_severities":["high"],"_cs_tags":["anchor","solana","account-validation","cpi-bypass"],"_cs_type":"advisory","_cs_vendors":["Solana Foundation"],"content_html":"\u003cp\u003eAnchor is a framework for building Solana programs. A validation vulnerability exists in anchor-lang versions 1.0.0 and 1.0.1 where programs built with anchor incorrectly validate the \u003ccode\u003esystem_program\u003c/code\u003e account. Specifically, the \u003ccode\u003eTryFrom\u003c/code\u003e implementation for \u003ccode\u003eProgram\u0026lt;'a, T\u0026gt;\u003c/code\u003e compares the ID of T with \u003ccode\u003ePubkey::default()\u003c/code\u003e to check whether anchor should allow any executable account or a specific account. Due to this logic, both \u003ccode\u003eT = ()\u003c/code\u003e and \u003ccode\u003eT = System\u003c/code\u003e exhibit the same behavior, allowing any executable account. This flaw allows attackers to pass arbitrary program IDs instead of the system program ID, causing false assumptions and enabling potential CPI and payment bypasses.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable Anchor program (version 1.0.0 or 1.0.1) that uses the \u003ccode\u003eProgram\u0026lt;'info, System\u0026gt;\u003c/code\u003e type to ensure a valid system program account.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious transaction, replacing the expected system program ID with the ID of a program they control (e.g., the Compute Budget program, or a custom program).\u003c/li\u003e\n\u003cli\u003eThe vulnerable program\u0026rsquo;s \u003ccode\u003eInitialize\u003c/code\u003e function receives the attacker-provided program ID as the \u003ccode\u003esystem_program\u003c/code\u003e account.\u003c/li\u003e\n\u003cli\u003eDue to the flawed validation logic, the Anchor runtime incorrectly accepts the attacker-provided program ID as a valid system program.\u003c/li\u003e\n\u003cli\u003eThe vulnerable program constructs a transfer instruction using the (incorrect) attacker-supplied program ID.\u003c/li\u003e\n\u003cli\u003eThe program invokes the transfer instruction, intending to transfer lamports using the system program. However, because the program ID is controlled by the attacker, no transfer occurs, or the transfer is redirected to an attacker-controlled program based on the malicious program logic.\u003c/li\u003e\n\u003cli\u003eThe vulnerable program proceeds under the false assumption that the transfer has succeeded, potentially leading to incorrect state updates.\u003c/li\u003e\n\u003cli\u003eThe attacker bypasses intended restrictions and potentially gains control of accounts meant to be owned by the system program, or blocks transfers.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis vulnerability impacts on-chain programs that depend on the system program, potentially leading to CPI bypasses and unauthorized payment diversions. This could result in financial losses and compromised program functionality. The vulnerability affects programs using \u003ccode\u003erust/anchor-lang\u003c/code\u003e in versions 1.0.0 and 1.0.1. The severity of the vulnerability is rated as high due to the potential for significant financial impact and unauthorized account control.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ccode\u003erust/anchor-lang\u003c/code\u003e to version 1.0.2 or later to remediate the vulnerability.\u003c/li\u003e\n\u003cli\u003eDeploy the provided Sigma rule \u003ccode\u003eDetect Anchor Program ID Validation Bypass\u003c/code\u003e to identify potential exploitation attempts targeting the vulnerable validation logic.\u003c/li\u003e\n\u003cli\u003eAudit existing Anchor programs for improper system program account validation, specifically examining the \u003ccode\u003eTryFrom\u0026lt;\u0026amp;'a AccountInfo\u0026lt;'a\u0026gt;\u0026gt;\u003c/code\u003e implementation for \u003ccode\u003eProgram\u0026lt;'a, T\u0026gt;\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUse static analysis tools to detect vulnerable code patterns in Anchor programs that rely on system program interactions.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-13T15:37:02Z","date_published":"2026-05-13T15:37:02Z","id":"https://feed.craftedsignal.io/briefs/2026-05-anchor-program-validation-bypass/","summary":"A logic error in anchor-lang versions 1.0.0 to 1.0.1 causes anchor programs to accept any program ID when requiring the system program ID, resulting in false assumptions that could lead to arbitrary CPI in programs invoking system program instructions, potentially leading to validation bypass and unauthorized account control.","title":"Anchor Program Validation Bypass Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-anchor-program-validation-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Cpi-Bypass","version":"https://jsonfeed.org/version/1.1"}