Virsec Security Research Lab Vulnerability Report
The Virsec Security Research Lab, helmed by Virsec CTO Satya Gupta, provides timely, relevant analysis of prevalent security vulnerabilities.
1.1 Vulnerability Summary
Git LFS (Large File Storage) is a Git extension developed by Atlassian, GitHub, and other open source contributors. It reduces the impact of large files in a repository by downloading the relevant versions of them lazily: large files are fetched during checkout rather than during cloning or fetching. Git LFS 2.12.0 on Windows allows remote code execution. The root cause is that Git LFS invokes git (and other helper programs) by bare program name, and executable lookup on Windows, as implemented by Go's os/exec at the time, resolves such a name against the current working directory before the directories in PATH. During a clone the working directory is the repository being checked out, so a repository that ships a git.exe or git.bat in its root gets that file executed with the privileges of the user who cloned it. Git LFS 2.12.1 fixed this by resolving executables without consulting the working directory.
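The following Go program is added here as an illustration; it is not Git LFS's own code and not the exploit from the advisory. It contrasts a resolver that consults the working directory first, the Windows-style lookup that bit Git LFS 2.12.0, with a hardened resolver that searches only absolute PATH entries and refuses any hit located inside the untrusted checkout. The directory layout (evil-repo/git.bat beside bin/git.exe), the function names and the batch-file payload are constructed for the demo; because the Windows search semantics are modelled explicitly rather than taken from the host OS, it runs on any platform.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Extensions Windows appends to a bare program name, in the order it tries them.
var windowsExts = []string{".com", ".exe", ".bat", ".cmd"}

// findIn returns the first regular file dir/<name><ext>, or "" if none exists.
func findIn(dir, name string) string {
	for _, ext := range windowsExts {
		p := filepath.Join(dir, name+ext)
		if fi, err := os.Stat(p); err == nil && fi.Mode().IsRegular() {
			return p
		}
	}
	return ""
}

// naiveLookPath models the pre-fix behaviour: the working directory is
// searched before PATH, so a git.bat inside the checkout shadows the real Git.
func naiveLookPath(name, cwd string, pathDirs []string) (string, error) {
	for _, dir := range append([]string{cwd}, pathDirs...) {
		if p := findIn(dir, name); p != "" {
			return p, nil
		}
	}
	return "", fmt.Errorf("%s: not found", name)
}

// safeLookPath is the hardened resolver: it never looks in the working
// directory, skips empty or relative PATH entries (Windows treats those as
// "current directory" too), and rejects any hit under untrustedRoot, the
// attacker-controlled repository tree.
func safeLookPath(name, untrustedRoot string, pathDirs []string) (string, error) {
	if strings.ContainsAny(name, `/\`) {
		return "", errors.New("program name must be bare, not a path")
	}
	root, err := filepath.Abs(untrustedRoot)
	if err != nil {
		return "", err
	}
	for _, dir := range pathDirs {
		if dir == "" || !filepath.IsAbs(dir) {
			continue
		}
		p := findIn(dir, name)
		if p == "" {
			continue
		}
		if rel, err := filepath.Rel(root, p); err == nil && !strings.HasPrefix(rel, "..") {
			return "", fmt.Errorf("%s resolved inside untrusted tree %s", p, root)
		}
		return p, nil
	}
	return "", fmt.Errorf("%s: not found on PATH", name)
}

// Result pairs what the two resolvers pick for the same on-disk layout.
type Result struct {
	Naive, Safe string
}

// RunDemo builds a constructed layout (not a real repository):
//   <tmp>/evil-repo/git.bat   attacker-controlled file shipped in the clone
//   <tmp>/bin/git.exe         the legitimate Git found via PATH
// and resolves "git" with the clone as working directory, as Git LFS 2.12.0 did.
func RunDemo() (Result, error) {
	base, err := os.MkdirTemp("", "lfs-lookpath")
	if err != nil {
		return Result{}, err
	}
	defer os.RemoveAll(base)
	repo, bin := filepath.Join(base, "evil-repo"), filepath.Join(base, "bin")
	for _, d := range []string{repo, bin} {
		if err := os.MkdirAll(d, 0o755); err != nil {
			return Result{}, err
		}
	}
	// Constructed sample files; the batch file stands in for an attacker payload.
	if err := os.WriteFile(filepath.Join(repo, "git.bat"), []byte("@echo pwned\r\n"), 0o755); err != nil {
		return Result{}, err
	}
	if err := os.WriteFile(filepath.Join(bin, "git.exe"), []byte("MZ"), 0o755); err != nil {
		return Result{}, err
	}
	pathDirs := []string{"", bin} // leading "" is the Windows "current directory" PATH entry
	naive, err := naiveLookPath("git", repo, pathDirs)
	if err != nil {
		return Result{}, err
	}
	safe, err := safeLookPath("git", repo, pathDirs)
	if err != nil {
		return Result{}, err
	}
	return Result{Naive: naive, Safe: safe}, nil
}

func main() {
	r, err := RunDemo()
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	fmt.Println("naive resolver picked:", r.Naive) // .../evil-repo/git.bat
	fmt.Println("safe resolver picked: ", r.Safe)  // .../bin/git.exe
}
```

The hardened resolver returns an absolute path, which is what should be handed to exec.Command; passing a bare name again would reintroduce the lookup the fix is meant to avoid. Rejecting hits under the checkout is a belt-and-braces check for the case where a user has, deliberately or not, put the repository directory on PATH.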
1.2 CVSS Score
The CVSS Base Score is 9.8 (Critical)
1.3 Affected Version
Git LFS 2.12.0 and earlier on Windows; fixed in Git LFS 2.12.1. Because Git LFS is bundled with Git for Windows and with GitHub's desktop tooling, the Legal Hackers advisory (see the references) lists Git for Windows, GitHub CLI and GitHub Desktop among the affected products; in practice, most of the Windows development world that uses Git was exposed.
1.4 Vulnerability Attribution
The CVE identifier was assigned by MITRE; the vulnerability was disclosed publicly by Legal Hackers (advisory linked in the references).
1.5 Risk Impact
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server such as GitHub.com or GitHub Enterprise. The planted executable runs with the privileges of the developer who clones the repository, so exploiting this vulnerability to install a backdoor allows exfiltration of sensitive data, and the resulting foothold can be used for lateral movement and to exploit other Git-based vulnerabilities. Public exploit code is available, and there are videos on YouTube showing exploitation through GitHub Desktop. According to the public advisory, the vulnerability affects, and was tested against, Git for Windows, GitHub CLI, GitHub Desktop, Visual Studio Code, SourceTree, SmartGit and GitKraken.
1.6 Virsec Security Platform (VSP) Support:
The Virsec Security Platform (VSP)-Host monitors spawned processes against a whitelist of permitted processes. Any attempt to execute a new command or an unknown binary, such as a git.exe or git.bat planted in a cloned repository, is denied by VSP-Host's Process Monitoring capability.
1.7 Reference Links:
- https://nvd.nist.gov/vuln/detail/CVE-2020-27955
- https://legalhackers.com/advisories/Git-LFS-RCE-Exploit-CVE-2020-27955.html
The post CVE-2020-27955: Git LFS RCE appeared first on Virsec Systems.
*** This is a Security Bloggers Network syndicated blog from Blog – Virsec Systems authored by Satya Gupta. Read the original post at: https://virsec.com/cve-2020-27955-git-lfs-rce/

