{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/metadata-poisoning/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":5.9,"id":"CVE-2026-6967"}],"_cs_exploited":false,"_cs_products":["tough","tuftool"],"_cs_severities":["high"],"_cs_tags":["supply-chain","vulnerability","metadata-poisoning"],"_cs_type":"advisory","_cs_vendors":["Amazon","Amazon Web Services Labs"],"content_html":"\u003cp\u003eThe \u003ccode\u003eawslabs/tough\u003c/code\u003e library, a Python implementation of The Update Framework (TUF), is vulnerable to a metadata validation bypass. Specifically, versions prior to 0.22.0 and tuftool versions prior to 0.15.0 do not properly enforce expiration, hash, and length checks on delegated metadata. An attacker with delegated signing authority can exploit this vulnerability to poison the local metadata cache. This occurs because the \u003ccode\u003eload_delegations\u003c/code\u003e function doesn\u0026rsquo;t apply the same strict validation checks as the top-level targets metadata path. Successful exploitation allows the attacker to serve expired or otherwise invalid targets from a TUF repository, which the tough library will trust instead of rejecting, ultimately compromising the integrity of software updates.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker gains delegated signing authority within a TUF repository.\u003c/li\u003e\n\u003cli\u003eAttacker modifies delegated targets metadata to point to malicious software or manipulated metadata files. This could involve changing file hashes, lengths, or expiration dates to values that would normally be rejected.\u003c/li\u003e\n\u003cli\u003eAttacker hosts the modified delegated targets metadata on their controlled server.\u003c/li\u003e\n\u003cli\u003eA client using a vulnerable version of \u003ccode\u003etough\u003c/code\u003e attempts to update its software using the TUF repository.\u003c/li\u003e\n\u003cli\u003eThe client downloads the attacker\u0026rsquo;s modified delegated targets metadata.\u003c/li\u003e\n\u003cli\u003eThe vulnerable \u003ccode\u003eload_delegations\u003c/code\u003e function in \u003ccode\u003etough\u003c/code\u003e fails to properly validate the expiration, hash, and length of the delegated targets metadata.\u003c/li\u003e\n\u003cli\u003eThe client trusts the malicious delegated targets metadata and proceeds to download the associated malicious software or metadata.\u003c/li\u003e\n\u003cli\u003eThe client\u0026rsquo;s local metadata cache is poisoned, and subsequent updates may be compromised even if the attacker loses control of the delegated signing authority.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows an attacker to serve malicious software updates to clients using the \u003ccode\u003etough\u003c/code\u003e library. This could lead to arbitrary code execution, data theft, or other malicious activities on the client\u0026rsquo;s system. The number of affected clients depends on the adoption of the \u003ccode\u003etough\u003c/code\u003e library and its use in software update mechanisms. This vulnerability primarily impacts software supply chain security, potentially affecting any sector relying on TUF for secure updates.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the \u003ccode\u003etough\u003c/code\u003e library to version 0.22.0 or later to patch CVE-2026-6967.\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003etuftool\u003c/code\u003e to version 0.15.0 or later to patch CVE-2026-6967.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for unexpected connections to untrusted or unknown hosts during software update processes. Analyze associated process executions.\u003c/li\u003e\n\u003cli\u003eImplement integrity checks on downloaded software packages beyond TUF metadata validation to provide defense in depth.\u003c/li\u003e\n\u003cli\u003eExamine application logs for errors related to metadata validation failures or unexpected software installations.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-05T18:46:48Z","date_published":"2026-05-05T18:46:48Z","id":"/briefs/2024-01-tough-metadata-validation/","summary":"The tough library before version 0.22.0 and tuftool before version 0.15.0 do not properly verify delegated target metadata, allowing an attacker with write access to serve expired or otherwise invalid targets from a TUF repository, potentially leading to the library trusting invalid targets.","title":"awslabs/tough Missing Delegated Metadata Validation","url":"https://feed.craftedsignal.io/briefs/2024-01-tough-metadata-validation/"}],"language":"en","title":"CraftedSignal Threat Feed — Metadata-Poisoning","version":"https://jsonfeed.org/version/1.1"}