CVE-2025-24888
Published: 13 February 2025
Summary
CVE-2025-24888 is a high-severity Path Traversal (CWE-22) vulnerability attributed to Qubes OS (inferred from references; the NVD description identifies the SecureDrop Client, which runs in a Qubes virtual machine). Its CVSS base score is 8.1 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks in the top 13.2% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly prevents path traversal by validating filenames from the Content-Disposition header before writing encrypted reply files to disk in the SecureDrop Client.
- SI-2 (Flaw Remediation): mitigates the vulnerability through timely patching to SecureDrop Client version 0.14.1, which fixes the unsafe initial file write performed before path validation.
- Vulnerability scanning: identifies path traversal vulnerabilities like CVE-2025-24888 in the SecureDrop Client reply download functionality through regular scanning.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in the client's reply download enables an arbitrary file write into the autostart directory, which yields execution via XDG Autostart Entries (T1547.013), and directly supports exploitation of a client application vulnerability for remote code execution (T1203).
NVD Description
SecureDrop Server itself has multiple layers of built-in hardening, and is a dedicated physical machine exposed on the internet only via Tor hidden services for the Source and Journalist interfaces, and optionally via remote SSH access over another Tor hidden service. A newsroom's SecureDrop Workstation communicates only with its own dedicated SecureDrop Server. The SecureDrop Client runs in a dedicated Qubes virtual machine, named `sd-app`, as part of the SecureDrop Workstation. The private OpenPGP key used to decrypt submissions and replies is stored in a separate virtual machine and never accessed directly. The vulnerability lies in the code responsible for downloading replies. The filename of the reply is obtained from the `Content-Disposition` HTTP header and used to write the encrypted reply on disk. Note that filenames are generated and sanitized server-side, and files are downloaded in an encrypted format, so a remote attacker who has not achieved server compromise, such as one posing as a source, could not craft the HTTP response necessary for this attack. While the filename is later checked to guard against path traversal before being moved into the Client’s data storage directory, the file has already been written to a potentially arbitrary location. In this case, `safe_move()` would detect the path traversal and fail, leaving the original downloaded file in the attacker-chosen directory. Code execution can be gained by writing an autostart file in `/home/user/.config/autostart/`. Version 0.14.1 fixes the issue. As of time of publication, there is no known evidence of exploitation in the wild. This attack requires a previously compromised SecureDrop Server.
Deeper analysis
CVE-2025-24888 is a path traversal vulnerability (CWE-22) in the SecureDrop Client prior to version 0.14.1, a desktop application used by journalists to communicate with sources and handle submissions on the SecureDrop Workstation. The issue resides in the reply download functionality within the sd-app Qubes virtual machine, where the filename derived from the server's Content-Disposition HTTP header determines the initial write location for the encrypted reply file on disk. Although filenames are generated and sanitized server-side, a server under attacker control can supply a traversing path; the later safe_move() check detects the traversal and fails, but by then the file has already been written to the attacker-chosen location and is left there.
Exploitation requires an attacker to first compromise the target organization's SecureDrop Server, a dedicated physical machine with multiple layers of hardening that is exposed only via Tor hidden services (and optionally SSH over another Tor hidden service). With control of the server, the attacker can craft a reply's HTTP response so that the encrypted file is written to a directory such as /home/user/.config/autostart/, giving autostart execution and thus code execution on the client's sd-app VM. The private OpenPGP key remains isolated in a separate VM, and remote attackers who have not compromised the server, such as someone posing as a source, cannot trigger the issue because filenames are sanitized server-side and files are downloaded in encrypted form.
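The defensive ordering the fix restores, as an added illustration that is not SecureDrop's own code: the filename is taken from the Content-Disposition header and validated before any byte reaches disk, so a traversing name is rejected rather than written and only later refused by a move. The function names and the download directory are assumptions.

```python
import os
import re
from email.message import Message

# Hypothetical helpers written for this page, not the SecureDrop Client's code.

# One plain path component: no separators, no leading dot, bounded length.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,254}$")


def filename_from_content_disposition(header: str) -> str:
    """Extract the filename parameter from a Content-Disposition header value."""
    msg = Message()
    msg["Content-Disposition"] = header
    name = msg.get_filename()
    if not name:
        raise ValueError("Content-Disposition carries no filename")
    return name


def is_safe_reply_filename(name: str) -> bool:
    """True only for a single, non-dotfile path component."""
    return name not in (".", "..") and bool(_SAFE_NAME.match(name))


def validated_target(download_dir: str, header: str) -> str:
    """Return an absolute path inside download_dir, or raise before any disk I/O.

    The server-supplied name is checked first; the resolved path is then
    re-checked so that nothing outside download_dir can ever be opened.
    """
    name = filename_from_content_disposition(header)
    if not is_safe_reply_filename(name):
        raise ValueError(f"unsafe filename from server: {name!r}")
    base = os.path.realpath(download_dir)
    target = os.path.realpath(os.path.join(base, name))
    if os.path.dirname(target) != base:
        raise ValueError("resolved path escapes the download directory")
    return target


def download_reply(download_dir: str, header: str, body: bytes) -> str:
    """Write the encrypted reply only after the target path has been validated."""
    target = validated_target(download_dir, header)   # raises before open()
    with open(target, "wb") as f:
        f.write(body)
    return target
```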
Version 0.14.1 of the SecureDrop Client fixes the vulnerability. The GitHub security advisory (GHSA-6c3p-chq6-q3j2) and fixing commit (120bac14649db0bcf5f24f2eb82731c76843b1ba) detail the patch, which addresses the unsafe initial write before path validation.
As of publication on 2025-02-13, there is no evidence of real-world exploitation. The CVSS score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) is High; its AC:H component reflects the server-compromise prerequisite.
Details
- CWE(s)