CVE-2023-52076
Published: 25 January 2024
Summary
CVE-2023-52076 is a high-severity Path Traversal (CWE-22) vulnerability in Mate-Desktop Atril. Its CVSS base score is 8.5 (High).
Operationally, it ranks in the top 5.6% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
Deeper analysis
Atril Document Viewer, the default document reader in the MATE desktop environment for Linux, is affected by a path traversal and arbitrary file write vulnerability in all versions prior to 1.26.2. The flaw, tracked under CWE-22 and related categories, permits writing arbitrary files to any location on the filesystem accessible to the user who opens a malicious document, with the sole restriction that existing files cannot be overwritten.
An attacker can exploit the issue by supplying a crafted document that a victim opens locally, requiring no special privileges beyond normal user access. Successful exploitation yields arbitrary file creation that can be leveraged to achieve remote command execution on the target system despite the inability to overwrite files.
The official GitHub security advisory and release notes for Atril 1.26.2, along with the corresponding Debian LTS advisory, direct users to apply the patch available in version 1.26.2; the fix is implemented in commit e70b21c815418a1e6ebedf6d8d31b8477c03ba50. No material change in EPSS has occurred since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-56755
Vulnerability details
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The only limitation is that this vulnerability cannot be exploited to overwrite existing files, but that doesn't stop an attacker from achieving Remote Command Execution on the target system. Version 1.26.2 of Atril contains a patch for this vulnerability.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.