Sandbox breakout can lead to remote code execution, researchers warn
vm2’s GitHub page describes the library as “a sandbox that can run untrusted code with whitelisted Node's built-in modules. Securely!”
However, CISPA Helmholtz Center for Information Security, a cybersecurity research group in Germany, found that the library is open to prototype pollution attacks.
A proof-of-concept (PoC) on Snyk shows how a few lines of code can exploit the vulnerability in vm2 to carry out a prototype pollution and RCE attack on the host.
While the bug has been filed as ‘prototype pollution’, Cristian-Alexandru Staicu, one of the researchers who helped discover and report the bug, told The Daily Swig that a better title would be “sandbox breakout”.
RELATED Prototype pollution vulnerabilities rife among high-traffic websites, study finds
“In the PoC published by Snyk, we show both a prototype pollution payload and an arbitrary code execution. They are both the result of sandbox breakout,” Staicu said. “vm2 is supposed to prevent access to the global object/privileged operations (e.g., require), and we show how an attacker might get around this security control.”
While the vulnerability does not provide root access to the host device, it gives complete access to the Node.js API, something vm2 is trying to restrict, Staicu explained.
In March, they reported a sandbox breakout bug in isolated-vm, another sandbox, which allowed attackers to obtain a reference to the ‘function’ object of the Node.js context.
They’ve found similar bugs in at least three other sandbox libraries, Staicu said, though he couldn’t share details since the disclosure process with the relevant developers remains ongoing and patches are yet to be released.
YOU MAY ALSO LIKE Historic scientific notation bug foils WAF defenses