
CVE-2020-15215: Context isolation bypass in Electron

CVSS Score: 5.6 (CVSS 3.1)

Basic Information

EPSS Score: 0.51211%
Published: 10/6/2020
Updated: 1/9/2023
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| electron | npm | >= 8.0.0-beta.0, < 8.5.2 | 8.5.2 |
| electron | npm | >= 9.0.0-beta.0, < 9.3.1 | 9.3.1 |
| electron | npm | >= 10.0.0-beta.0, < 10.1.2 | 10.1.2 |
| electron | npm | >= 11.0.0-beta.0, <= 11.0.0-beta.5 | 11.0.0-beta.6 |

Vulnerability Intelligence
Root Cause Analysis

The key vulnerability stemmed from improper process_id handling in URLLoaderFactoryParams when web security was disabled. The OverrideURLLoaderFactoryParams function in ElectronBrowserClient was modified across all relevant commits to remove the process_id assignment logic, which directly correlates with the described context isolation bypass. This function would appear in profiler output during exploitation as it's where CORB settings and process associations were manipulated.


WAF Protection Rules

WAF Rule

### Impact

Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nativeWindowOpen: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in
