CVE-2023-52137 in verify-changed-filesinfo

Summary

by MITRE • 12/29/2023

The [`tj-actions/verify-changed-files`](https://github.com/tj-actions/verify-changed-files) action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. The [`verify-changed-files`](https://github.com/tj-actions/verify-changed-files) workflow returns the list of files changed within a workflow execution. This could potentially allow filenames that contain special characters such as `;` which can be used by an attacker to take over the [GitHub Runner](https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners) if the output value is used in a raw fashion (thus being directly replaced before execution) inside a `run` block. By running custom commands, an attacker may be able to steal secrets such as `GITHUB_TOKEN` if triggered on other events than `pull_request`.

This has been patched in versions [17](https://github.com/tj-actions/verify-changed-files/releases/tag/v17) and [17.0.0](https://github.com/tj-actions/verify-changed-files/releases/tag/v17.0.0) by enabling `safe_output` by default and returning filename paths escaping special characters for bash environments.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 01/21/2024

The CVE-2023-52137 vulnerability affects the tj-actions/verify-changed-files GitHub Action, which is commonly used to identify and process changed files within workflow executions. This action operates by returning a list of modified files, but fails to properly sanitize filenames that contain special shell characters. The vulnerability stems from improper input validation and output handling within the action's processing logic, creating a command injection vector that can be exploited by malicious actors. When the action's output is directly used in shell contexts without proper escaping, filenames containing characters like semicolons can trigger unintended command execution, potentially allowing attackers to inject arbitrary shell commands into the workflow environment.

The technical flaw resides in the action's handling of file paths that contain shell metacharacters, particularly the semicolon character which serves as a command separator in bash environments. This represents a classic command injection vulnerability classified under CWE-78 as "Improper Neutralization of Special Elements used in an OS Command." The vulnerability becomes particularly dangerous when the action's output is directly interpolated into shell commands within workflow run blocks, as demonstrated by the potential for attackers to execute arbitrary commands and access sensitive information. The risk amplifies when the workflow operates on events beyond pull_request, such as push or schedule events, where the attacker may have more opportunities to trigger malicious payloads and access secrets like GITHUB_TOKEN.

The operational impact of this vulnerability extends beyond simple code execution to potentially compromise entire workflow environments and secret management systems. Attackers can leverage this vulnerability to access sensitive data stored in GitHub Actions secrets, including personal access tokens, API keys, and other confidential information. The vulnerability enables attackers to perform reconnaissance and potentially escalate privileges within the runner environment, as demonstrated by the potential for secret leakage through command injection. This represents a significant risk to organizations that rely heavily on GitHub Actions for CI/CD pipelines, as compromised runners can serve as entry points for broader supply chain attacks. The vulnerability can be exploited across multiple attack vectors including direct injection into shell commands, environment variable manipulation, and potential privilege escalation within the runner environment.

The security implications of CVE-2023-52137 align with several ATT&CK framework techniques including T1059.004 for command and script injection, T1555.003 for credentials from password storage, and T1078 for valid accounts. Organizations using this action should immediately implement mitigations including updating to versions 17 or 17.0.0 which introduce safe_output functionality and automatic escaping of special characters for bash environments. Additional mitigations include avoiding direct interpolation of action outputs into shell commands, implementing proper input validation at the workflow level, and monitoring workflow execution logs for suspicious command patterns. The patched versions address the vulnerability by defaulting to safe_output mode and implementing proper shell escaping mechanisms that prevent malicious command injection through filenames. Organizations should also consider implementing additional security controls such as restricting workflow permissions, implementing secret scanning, and establishing proper monitoring for anomalous workflow execution patterns to detect potential exploitation attempts.

Responsible

GitHub, Inc.

Reservation

12/28/2023

Disclosure

12/29/2023

Moderation

accepted

CPE

ready

EPSS

0.02621

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!