Cyber Resilience

CVE-2023-34634

HighPublic PoC

Published: 01 August 2023

Published
01 August 2023
Modified
02 October 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.3803 97.3th percentile
Risk Priority 38 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-34634 is a high-severity an unspecified weakness vulnerability in Getgreenshot Greenshot. Its CVSS base score is 7.8 (High).

Operationally, ranked in the top 2.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

Greenshot versions 1.2.10 and earlier contain an insecure deserialization flaw in the handling of .greenshot files. When such a file containing .NET serialized content is opened, the application deserializes it without sufficient validation, enabling arbitrary code execution on the affected system. The vulnerability carries a CVSS 3.1 score of 7.8 and affects the local attack surface with no privileges required beyond a user opening the file.

An attacker can deliver a malicious .greenshot file via email, download, or shared storage and rely on the victim to open it. Successful exploitation grants the attacker the ability to execute arbitrary code with the privileges of the running Greenshot process, resulting in full confidentiality, integrity, and availability impacts on the host.

Public references include a GitHub commit that addresses the deserialization issue, a corresponding Jira ticket (BUG-3061), and multiple proof-of-concept exploits published on Exploit-DB and Packet Storm. These resources indicate that updating to a patched release is the primary mitigation step.

The EPSS score for this CVE rose sharply from a low baseline after disclosure, reaching a peak of 0.9089 on 2025-01-22 before receding to the current value of 0.3803, indicating that exploitation interest increased well after the initial publication.

EU & UK References

Vulnerability details

Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

getgreenshot
greenshot
≤ 1.2.10.6

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References