Overview of CVE-2020-7350, an OS command injection in the libnotify plugin of Rapid7 Metasploit Framework versions before 5.0.85: what the flaw is, how it is reached, which versions are affected, and how to mitigate it.
Rapid7 Metasploit Framework versions before 5.0.85 are vulnerable to OS Command Injection (CWE-78) in the libnotify plugin. Data the plugin receives from a remote host is passed to the local shell, so a malicious host can get commands executed on the operator's terminal.
Understanding CVE-2020-7350
This CVE covers a vulnerability in the Metasploit Framework that is reached through the libnotify plugin, a plugin that raises desktop notifications for framework events.
What is CVE-2020-7350?
The libnotify plugin in Rapid7 Metasploit Framework versions prior to 5.0.85 builds a shell command from untrusted data that originates from a remote host. Because that data is not escaped, shell metacharacters in it are interpreted as commands, and a malicious host can trigger command execution on the operator's terminal, running with the operator's privileges.
The Impact of CVE-2020-7350
The vulnerability is rated medium severity with a CVSS base score of 6.1. Its impact on integrity is rated high and it has no availability impact. The CVSS attack vector is local and no privileges are required: the injected data is supplied by a remote host, but the command runs on the operator's own machine, with whatever privileges the operator's msfconsole has.
Technical Details of CVE-2020-7350
This section provides in-depth technical insights into the CVE.
Vulnerability Description
The libnotify plugin in Metasploit Framework versions before 5.0.85 composes the notification command by interpolating strings it did not generate itself (data reported by remote hosts) into a single shell command line, without quoting or escaping them. This is the classic CWE-78 pattern: the shell parses the attacker-controlled text, so a `;`, backtick or `$(...)` embedded in it terminates the intended command and starts a new one.
Affected Systems and Versions
Rapid7 Metasploit Framework versions before 5.0.85, on any operating system where the libnotify plugin is loaded. Version 5.0.85 and later contain the fix.
Exploitation Mechanism
A malicious host returns data containing shell metacharacters (for example, a command appended after a `;`). When the libnotify plugin raises a notification that includes that data, the unescaped string reaches the local shell and the embedded command executes on the operator's terminal. The operator does not need to do anything beyond having the plugin loaded while interacting with the malicious host.
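The following is an added illustration of the CWE-78 pattern described above and of the two standard ways to close it. It is not the Metasploit libnotify plugin's code: the function names are invented, and `echo` stands in for the notify-send binary so that the example runs on a headless machine.

```ruby
# Added illustration of the CWE-78 pattern behind CVE-2020-7350. This is NOT the
# Metasploit libnotify plugin's code: the function names are invented and 'echo'
# stands in for the notify-send binary so the example runs on a headless box.
require 'open3'
require 'shellwords'

NOTIFIER = 'echo'

# Vulnerable: target-supplied text is interpolated into one shell string.
# Kernel#` hands the string to /bin/sh -c, so ';', '`' and '$(...)' in the
# data are parsed as shell syntax rather than as notification text.
def notify_unsafe(summary, body)
  `#{NOTIFIER} #{summary} #{body}`
end

# Hardened (preferred): argv form. Each field becomes exactly one argument
# to the binary and no shell is involved at all.
def notify_argv(summary, body)
  out, _status = Open3.capture2(NOTIFIER, summary, body)
  out
end

# Hardened (when a shell string is unavoidable): quote every field with
# Shellwords.escape before interpolating it.
def notify_escaped(summary, body)
  `#{NOTIFIER} #{Shellwords.escape(summary)} #{Shellwords.escape(body)}`
end

# Constructed sample: a scanned host controls the strings it reports back,
# so it can embed a second command in them.
MALICIOUS_HOST = '10.0.0.5; echo INJECTED'

if __FILE__ == $PROGRAM_NAME
  puts notify_unsafe('Host up:', MALICIOUS_HOST)  # second line: INJECTED
  puts notify_argv('Host up:', MALICIOUS_HOST)    # literal text, one line
  puts notify_escaped('Host up:', MALICIOUS_HOST) # literal text, one line
end
```

With the unsafe form the output has a second line, `INJECTED`, produced by the command the "host" smuggled in; both hardened forms print the host's string verbatim as notification text. The argv form is the better fix because it removes the shell from the path entirely; escaping only works if every interpolated field is escaped, every time.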
Mitigation and Prevention
Protect your systems from CVE-2020-7350 with the following measures.
Immediate Steps to Take
Upgrade to Metasploit Framework 5.0.85 or later. Until the upgrade is done, do not load the libnotify plugin in msfconsole, since the injection is only reachable while the plugin is active.
Long-Term Security Practices
Patching and Updates
Install security updates to the Metasploit Framework promptly; the fix for this issue shipped in 5.0.85, and remaining on an older release leaves the injection reachable whenever the libnotify plugin is loaded.