
[Overview]

Electron is an open source framework for developing desktop GUI applications. It enables developers to build native programs for macOS, Windows, and Linux using web technologies such as JavaScript, HTML, and CSS. Electron recently fixed a remote code execution vulnerability that affects custom protocol handlers.

[Vulnerability Details]

CVE-2018-1000006: The vulnerability is caused by applications built with Electron failing to properly validate user-supplied input. The application cannot check whether additional command-line parameters have been specified via the URL. An attacker could exploit this vulnerability by enticing a user to open a maliciously crafted link. Successful exploitation could result in the execution of arbitrary commands in the user's security context.

Vulnerability Source: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000006

[Severity]

Critical

[Affected Version]

  • Electron Version < 1.6.16
  • Electron Version < 1.7.11
  • Electron Version < 1.8.2-beta.4
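
To check installed versions against the list above, the following added example (not code from Electron or Hillstone Networks) compares each version with the fixed release of its own line, using semver prerelease ordering so that `1.8.2-beta.3` sorts below `1.8.2-beta.4`. It assumes each bullet applies to its own release line, that lines older than 1.6 count as affected, and that lines newer than 1.8 are out of scope; the inventory and app names are constructed.

```javascript
// Fixed release per line, taken from the advisory's affected-version list.
const FIXED = { '1.6': '1.6.16', '1.7': '1.7.11', '1.8': '1.8.2-beta.4' };

// Parse "1.8.2-beta.4" into { nums: [1, 8, 2], pre: ['beta', 4] }.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  const pre = m[4] ? m[4].split('.').map(p => (/^\d+$/.test(p) ? Number(p) : p)) : [];
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre };
}

// Semver ordering: negative if a < b, 0 if equal, positive if a > b.
function compareVersions(a, b) {
  const x = parseVersion(a), y = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (x.nums[i] !== y.nums[i]) return x.nums[i] - y.nums[i];
  }
  // A final release outranks any prerelease of the same x.y.z.
  if (!x.pre.length || !y.pre.length) return y.pre.length - x.pre.length;
  for (let i = 0; i < Math.max(x.pre.length, y.pre.length); i++) {
    const p = x.pre[i], q = y.pre[i];
    if (p === undefined) return -1;           // shorter prerelease sorts first
    if (q === undefined) return 1;
    if (p === q) continue;
    if (typeof p !== typeof q) return typeof p === 'number' ? -1 : 1;
    return p < q ? -1 : 1;                    // numeric or lexical comparison
  }
  return 0;
}

function isAffected(version) {
  const { nums } = parseVersion(version);
  const fixed = FIXED[`${nums[0]}.${nums[1]}`];
  if (fixed) return compareVersions(version, fixed) < 0;
  // Assumption: lines older than 1.6 are affected, newer than 1.8 are not listed.
  return compareVersions(version, '1.6.0') < 0;
}

// Constructed inventory: application name -> installed Electron version.
const inventory = {
  'chat-client': '1.7.8', 'notes': '1.8.2-beta.3', 'editor': '1.8.2',
  'legacy-tool': '1.4.15', 'dash': '1.6.16',
};

function audit(inv) {
  return Object.keys(inv).filter(name => isAffected(inv[name])).sort();
}

console.log('Needs update:', audit(inventory).join(', '));
```

Feed it the version from each application's bundled Electron rather than a range in `package.json`, since a range such as `^1.7.8` does not say what is actually installed.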

[Suggestions]

  • Apply the patches supplied by Electron
  • Take mitigation measures provided by Electron
  • Do not click on suspicious web pages


Official statement: https://electronjs.org/blog/protocol-handler-fix

[Hillstone Networks Solution]

Hillstone Networks has added signatures to the IPS signature database version 2.1.237. By deploying any Hillstone Networks solution with the IPS function, the Electron setAsDefaultProtocolClient Command Injection vulnerability can be quickly detected and effectively intercepted, preventing the server from being attacked.

Threat Events Detected by Hillstone Solutions

Vulnerability Detail Description
