CVE-2023-49797

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 9, 2023
Updated: Dec 19, 2023
CWE ID 732
CWE ID 379

Summary

CVE-2023-49797 is a vulnerability affecting PyInstaller, a tool used to bundle Python applications and their dependencies into a single package. This vulnerability allows an unprivileged attacker to trick a privileged PyInstaller built application into deleting files that the attacker does not have access to. To exploit this vulnerability, the attacker needs to carefully time the replacement of a temporary file with a symlink. The vulnerability only affects users who run an application containing either `matplotlib` or `win32com`, and the application is run as an administrator or with higher privileges than the attacker. Additionally, if the user's temporary directory is not locked and points to an unprotected location, they are also vulnerable. To remediate this vulnerability, users should ensure that their temporary directory is locked to their specific user and update PyInstaller to a version that includes protection for Python 3.7.x or earlier. The potential danger posed by this vulnerability is high, as it can result in unauthorized deletion of critical files and compromise the integrity and confidentiality of an organization's data.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-49797 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options