CWE-507
Trojan Horse
The product appears to contain benign or useful functionality, but it also contains code that is hidden from normal operation that violates the intended security policy of the user or the system administrator.
CVE-2020-26292 (GCVE-0-2020-26292)
Vulnerability from cvelistv5
Published
2021-01-04 18:10
Modified
2024-08-04 15:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-507 - Trojan Horse
Summary
Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source code, you are **NOT** affected. This only affects the binary releases. The binary of unknown quality has been removed from the release. If you have downloaded the binary, please delete it and run a reputable antivirus scanner to ensure that your computer is clean.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chatter-social | Creeper |
Version: = 1.1.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:56:04.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/chatter-social/Creeper/security/advisories/GHSA-9v67-g2rg-m33j"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Creeper",
"vendor": "chatter-social",
"versions": [
{
"status": "affected",
"version": "= 1.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source code, you are **NOT** affected. This only affects the binary releases. The binary of unknown quality has been removed from the release. If you have downloaded the binary, please delete it and run a reputable antivirus scanner to ensure that your computer is clean."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-507",
"description": "CWE-507: Trojan Horse",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-04T18:10:12",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/chatter-social/Creeper/security/advisories/GHSA-9v67-g2rg-m33j"
}
],
"source": {
"advisory": "GHSA-9v67-g2rg-m33j",
"discovery": "UNKNOWN"
},
"title": "Potential Malware Discovered (Possible False Positive)",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-26292",
"STATE": "PUBLIC",
"TITLE": "Potential Malware Discovered (Possible False Positive)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Creeper",
"version": {
"version_data": [
{
"version_value": "= 1.1.3"
}
]
}
}
]
},
"vendor_name": "chatter-social"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source code, you are **NOT** affected. This only affects the binary releases. The binary of unknown quality has been removed from the release. If you have downloaded the binary, please delete it and run a reputable antivirus scanner to ensure that your computer is clean."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-507: Trojan Horse"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chatter-social/Creeper/security/advisories/GHSA-9v67-g2rg-m33j",
"refsource": "CONFIRM",
"url": "https://github.com/chatter-social/Creeper/security/advisories/GHSA-9v67-g2rg-m33j"
}
]
},
"source": {
"advisory": "GHSA-9v67-g2rg-m33j",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-26292",
"datePublished": "2021-01-04T18:10:12",
"dateReserved": "2020-10-01T00:00:00",
"dateUpdated": "2024-08-04T15:56:04.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Operation
Description:
- Most antivirus software scans for Trojan Horses.
Mitigation
Phase: Installation
Description:
- Verify the integrity of the product that is being installed.
CAPEC-698: Install Malicious Extension
An adversary directly installs or tricks a user into installing a malicious extension into existing trusted software, with the goal of achieving a variety of negative technical impacts.