CVE-2020-15258

Public Exploit
Insecure use of shell.openExternal in Wire

Description

In Wire before 3.20.x, `shell.openExternal` was used without checking the URL. This vulnerability allows an attacker to execute code on the victim's machine by sending messages containing links with arbitrary protocols. The victim has to interact with the link and sees the URL that is opened. The issue was patched by implementing a helper function that checks whether the URL's protocol is a common one. If it is, the URL is opened externally; if not, the URL is not opened and a warning informs the user that a probably insecure URL was blocked from being executed. The issue is patched in Wire 3.20.x. More technical details about exploitation are available in the linked advisory.
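An added illustration, not Wire's own code, of the helper-function approach the description outlines: the `shell.openExternal` call is gated behind a protocol allowlist, and anything else is blocked with a user-facing warning. The names `isSafeExternalUrl` and `openExternalSafely`, the allowlisted protocols, and the injected `shell` (Electron's `shell` in a real app) are assumptions so the snippet runs outside Electron.

```javascript
// Added example (not Wire's implementation): gate shell.openExternal behind a
// protocol allowlist. The allowlist below is an assumption, not Wire's actual list.
const ALLOWED_PROTOCOLS = new Set(['http:', 'https:', 'mailto:']);

// Returns true only if `raw` parses as an absolute URL whose protocol is allowlisted.
// Relative, malformed, or unusual-scheme input (file:, smb:, javascript:, ...) is rejected.
function isSafeExternalUrl(raw) {
  let parsed;
  try {
    parsed = new URL(String(raw)); // WHATWG URL parser lowercases the scheme
  } catch {
    return false; // not an absolute URL: never hand it to the OS
  }
  return ALLOWED_PROTOCOLS.has(parsed.protocol);
}

// Wrapper to use instead of calling shell.openExternal directly.
// `shell` is injected (Electron's `shell` in the real app, a stub in tests);
// `warn` receives the message shown to the user when a link is blocked.
// Returns true if the URL was handed to the OS, false if it was blocked.
function openExternalSafely(raw, shell, warn = console.warn) {
  if (!isSafeExternalUrl(raw)) {
    warn(`Blocked a link with an uncommon protocol: ${String(raw).slice(0, 80)}`);
    return false;
  }
  shell.openExternal(raw);
  return true;
}
```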

CVSS

Score: 8.0 (Severity: High)
EPSS: 0.56%

Affected: wireapp wire-desktop

References

Third-Party Advisory: benjamin-altpeter.de
Third-Party Advisory: github.com
Third-Party Advisory: github.com

Frequently Asked Questions

What is the severity of CVE-2020-15258?
CVE-2020-15258 has been scored as a high severity vulnerability.
How to fix CVE-2020-15258?
To fix CVE-2020-15258, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As of now, there are no other specific guidelines available.
Is CVE-2020-15258 being actively exploited in the wild?
It is possible that CVE-2020-15258 is being exploited or will be exploited in the near future based on public information. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2020-15258?
CVE-2020-15258 affects wireapp wire-desktop.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.