CVE-2022-31012 in Git for Windows
Summary
by MITRE • 07/13/2022
Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows' installer execute a binary into `C:\mingw64\bin\git.exe` by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is included in version 2.37.1. Two workarounds are available. Create the `C:\mingw64` folder and remove read/write access from this folder, or disallow arbitrary authenticated users to create folders in `C:\`.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 07/23/2022
The vulnerability CVE-2022-31012 affects Git for Windows installations prior to version 2.37.1, representing a critical security flaw in the Windows-specific Git distribution that is widely used in enterprise environments and development workflows. This issue stems from improper handling of directory permissions during fresh installations, creating a privilege escalation vector that can be exploited by malicious actors. The vulnerability specifically targets the installer's execution logic which inadvertently allows unauthorized code execution in a system directory, making it particularly dangerous for organizations that rely heavily on Git for version control and continuous integration processes. The flaw exists exclusively during fresh installations, meaning that existing installations remain unaffected, but this does not diminish the severity given that many organizations regularly reinstall software components or perform clean installations during system upgrades. The vulnerability's impact is amplified by the fact that Git for Windows is commonly installed on developer workstations and server environments where elevated privileges are often present.
The technical implementation of this vulnerability involves a flaw in the installer's permission handling mechanism where the installation process fails to properly validate or restrict access to the `C:\mingw64\bin\git.exe` path. This represents a classic case of insecure temporary file creation or directory manipulation, which falls under CWE-732 - Incorrect Permission Assignment for Critical Resource. The installer's logic incorrectly assumes that the target directory structure is properly secured, allowing for potential code injection attacks through malicious binaries that could be executed with elevated privileges. The vulnerability's execution path is particularly concerning because it leverages the Windows file system's permission model, where the installer creates the necessary directory structure without proper access controls, leaving the system vulnerable to arbitrary code execution. This flaw aligns with ATT&CK technique T1059.001 - Command and Scripting Interpreter, as it enables attackers to execute malicious code through the compromised Git installation process.
The operational impact of CVE-2022-31012 extends beyond simple privilege escalation, affecting the integrity and security posture of entire development environments where Git for Windows is deployed. Organizations utilizing Git for Windows in automated build systems, continuous integration pipelines, or collaborative development environments face significant risk of supply chain compromise if attackers exploit this vulnerability. The vulnerability's timing during fresh installations makes it particularly attractive to attackers who might target new employee workstations or automated deployment systems where Git for Windows is installed as part of standard tooling. The potential for lateral movement within networks increases significantly when attackers can execute code through the Git installation process, as this typically occurs on systems with network access and potentially elevated privileges. Security teams must consider the broader implications of this vulnerability when assessing their incident response procedures and vulnerability management strategies, particularly in environments where Git installations are frequently performed as part of system provisioning or deployment automation.
The recommended mitigations for CVE-2022-31012 include both immediate workarounds and long-term remediation strategies that address the underlying permission issues. The first workaround involves manually creating the `C:\mingw64` directory structure and removing read/write access permissions for untrusted users, effectively preventing the installer from executing malicious binaries in the compromised location. This approach aligns with the principle of least privilege and follows security best practices outlined in the NIST Cybersecurity Framework. The second workaround focuses on broader system-level restrictions by preventing arbitrary authenticated users from creating folders in the `C:\` drive root, which addresses the root cause by limiting the installer's ability to create potentially vulnerable directory structures. Both mitigations require careful implementation and testing to ensure they do not disrupt legitimate Git functionality or system operations. Organizations should prioritize upgrading to Git for Windows version 2.37.1 or later, which includes the official patch that resolves the permission handling issue. This remediation strategy should be integrated into standard patch management procedures and security monitoring to prevent similar vulnerabilities from emerging in other software components. The vulnerability also highlights the importance of proper installer security design and the need for comprehensive testing of installation processes in security-sensitive environments, particularly those that handle elevated privileges or system-level modifications.