CVE-2023-34634
Published: 01 August 2023
Summary
CVE-2023-34634 is a high-severity an unspecified weakness vulnerability in Getgreenshot Greenshot. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 2.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
Greenshot versions 1.2.10 and earlier contain an insecure deserialization flaw in the handling of .greenshot files. When such a file containing .NET serialized content is opened, the application deserializes it without sufficient validation, enabling arbitrary code execution on the affected system. The vulnerability carries a CVSS 3.1 score of 7.8 and affects the local attack surface with no privileges required beyond a user opening the file.
An attacker can deliver a malicious .greenshot file via email, download, or shared storage and rely on the victim to open it. Successful exploitation grants the attacker the ability to execute arbitrary code with the privileges of the running Greenshot process, resulting in full confidentiality, integrity, and availability impacts on the host.
Public references include a GitHub commit that addresses the deserialization issue, a corresponding Jira ticket (BUG-3061), and multiple proof-of-concept exploits published on Exploit-DB and Packet Storm. These resources indicate that updating to a patched release is the primary mitigation step.
The EPSS score for this CVE rose sharply from a low baseline after disclosure, reaching a peak of 0.9089 on 2025-01-22 before receding to the current value of 0.3803, indicating that exploitation interest increased well after the initial publication.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-38678
Vulnerability details
Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.