Vulnerability Description
Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Helpsystems | Cobalt Strike | 4.7.1 |
Related Weaknesses (CWE)
References
- https://thesecmaster.com/how-to-fix-cve-2022-42948-a-critical-rce-vulnerability-Technical DescriptionThird Party Advisory
- https://www.cobaltstrike.com/blog/Vendor Advisory
- https://www.redpacketsecurity.com/helpsystems-cobalt-strike-code-execution-cve-2Third Party Advisory
- https://thesecmaster.com/how-to-fix-cve-2022-42948-a-critical-rce-vulnerability-Technical DescriptionThird Party Advisory
- https://www.cobaltstrike.com/blog/Vendor Advisory
- https://www.redpacketsecurity.com/helpsystems-cobalt-strike-code-execution-cve-2Third Party Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-US Government Resource
FAQ
What is CVE-2022-42948?
CVE-2022-42948 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI.
How severe is CVE-2022-42948?
CVE-2022-42948 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-42948?
Check the references section above for vendor advisories and patch information. Affected products include: Helpsystems Cobalt Strike.