5.6

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-15215

GHSA ID

GHSA-56pc-6jqp-xqj8

EPSS Score

0.51211%

CWE

CWE-668

Published

10/6/2020

Updated

1/9/2023

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-15215

CVE-2020-15215:
Context isolation bypass in Electron

Impact

Apps using both contextIsolation and sandbox: true are affected. Apps using both contextIsolation and nativeWindowOpen: true are affected.

This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.

Workarounds

There are no app-side workarounds, you must update your Electron version to be protected.

Fixed Versions

11.0.0-beta.6
10.1.2
9.3.1
8.5.2

For more information

If you have any questions or comments about this advisory:

Email us at security@electronjs.org

(GitHub Advisory)

5.6

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-15215

GHSA ID

GHSA-56pc-6jqp-xqj8

EPSS Score

0.51211%

CWE

CWE-668

Published

10/6/2020

Updated

1/9/2023

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
electron	npm	>= 8.0.0-beta.0, < 8.5.2	8.5.2
electron	npm	>= 9.0.0-beta.0, < 9.3.1	9.3.1
electron	npm	>= 10.0.0-beta.0, < 10.1.2	10.1.2
electron	npm	>= 11.0.0-beta.0, <= 11.0.0-beta.5	11.0.0-beta.6

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The key vulnerability stemmed from improper process_id handling in URLLoaderFactoryParams when web security was disabled. The OverrideURLLoaderFactoryParams function in ElectronBrowserClient was modified across all relevant commits to remove the process_id assignment logic, which directly correlates with the described context isolation bypass. This function would appear in profiler output during exploitation as it's where CORB settings and process associations were manipulated.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t *pps usin* *ot* `*ont*xtIsol*tion` *n* `s*n**ox: tru*` *r* *****t**. *pps usin* *ot* `*ont*xtIsol*tion` *n* `n*tiv*Win*owOp*n: tru*` *r* *****t**. T*is is * *ont*xt isol*tion *yp*ss, m**nin* t**t *o** runnin* in t** m*in worl* *ont*xt in

Reasoning

T** k*y vuln*r**ility st*mm** *rom improp*r pro**ss_i* **n*lin* in URLLo***r***toryP*r*ms w**n w** s**urity w*s *is**l**. T** Ov*rri**URLLo***r***toryP*r*ms *un*tion in *l**tron*rows*r*li*nt w*s mo*i*i** **ross *ll r*l*v*nt *ommits to r*mov* t** pro*

5.6

Basic Information

Concerned about an active attack path?

CVE-2020-15215: Context isolation bypass in Electron

Impact

Workarounds

Fixed Versions

For more information

5.6

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2020-15215:
Context isolation bypass in Electron

Vulnerability Intelligence
Miggo AI