CVE-2018-1000006: The vulnerability is caused by applications built with Electron failing to properly validate user-supplied input. An application that registers itself as the handler for a custom URL protocol does not check whether additional command-line parameters have been passed to it through the URL. An attacker could exploit this vulnerability by enticing a user to open a maliciously crafted link. Successful exploitation could result in the execution of arbitrary commands in the user's security context.
Vulnerability Source: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000006
Affected versions:
- Electron Version < 1.6.16
- Electron Version < 1.7.11
- Electron Version < 1.8.2-beta.4
Mitigation:
- Apply the patches released by Electron (upgrade to a fixed release).
- Apply the mitigation measures provided by Electron.
- Do not open suspicious links or web pages.
Official statement: https://electronjs.org/blog/protocol-handler-fix
[Hillstone Networks Solution]
Hillstone Networks has added signatures to IPS signature database version 2.1.237. By deploying any Hillstone Networks solution with the IPS function enabled, the Electron setAsDefaultProtocolClient command injection vulnerability can be quickly detected and effectively blocked, preventing the server from being attacked.