CVE-2022-23597

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the best of our knowledge, the vulnerability has never been exploited in the wild. If you are using Element Desktop < 1.9.7, we recommend upgrading at your earliest convenience. If successfully exploited, the vulnerability allows an attacker to specify a file path of a binary on the victim's computer which then gets executed. Notably, the attacker does *not* have the ability to specify program arguments. However, in certain unspecified configurations, the attacker may be able to specify an URI instead of a file path which then gets handled using standard platform mechanisms. These may allow exploiting further vulnerabilities in those mechanisms, potentially leading to arbitrary code execution.

• CVE ID
• CVE-2022-23597

• Assigner
• security-advisories@github.com

• Vulnerability Status
• Analyzed

• Published Version
• 2022-02-01T12:15:08

• Last Modified Date
• 2022-02-04T17:20:55

• Version
• 2.0

• Vector String
• AV:N/AC:H/Au:N/C:P/I:P/A:P

• Access Vector
• NETWORK

• Access Compatibility
• HIGH

• Authentication
• NONE

• Confidentiality Impact
• PARTIAL

• Integrity Impact
• PARTIAL

• Availability Impact
• PARTIAL

• Base Score
• 5.1

• Severity
• MEDIUM

• Exploitability Score
• 4.9

• Impact Score
• 6.4

• Version
• 3.1

• Vector String
• CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

• Attack Vector
• NETWORK

• Attack Compatibility
• LOW

• Privileges Required
• NONE

• User Interaction
• REQUIRED

• Scope
• UNCHANGED

• Confidentiality Impact
• HIGH

• Availability Impact
• HIGH

• Base Score
• 8.8

• Base Severity
• HIGH

• Exploitability Score
• 2.8

• Impact Score
• 5.9