CVE: CVE-2021-22204

Export to Word

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

S9 – Sabotage of System/App

EPSS

Score: 0.93101
Percentile: 0.9978

CVSS Scoring

CVSS v3.1 Score: 6.8

Severity: MEDIUM

KEV is present

Mapped CWE(s)

CWE-94 : Improper Control of Generation of Code ('Code Injection')

All CAPEC(s)

CAPEC-242: Code Injection
CAPEC-35: Leverage Executable Code in Non-Executable Files
CAPEC-77: Manipulating User-Controlled Variables

CAPEC(s) with Mapped TTPs

CAPEC-35: Leverage Executable Code in Non-Executable Files
Mapped TTPs:
- T1027.006 : HTML Smuggling
- T1027.009 : Embedded Payloads
- T1564.009 : Resource Forking

Mapped ATT&CK TTPs

T1027.006 : HTML Smuggling
Kill Chain: defense-evasion
T1027.009 : Embedded Payloads
Kill Chain: defense-evasion
T1564.009 : Resource Forking
Kill Chain: defense-evasion

Malware

APTs Threat Group Associations

Campaigns

C0021

Affected Products

cpe:2.3:a:exiftool_project:exiftool:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

← Back to Home