Security researcher @ducnt_ has published proof-of-concept (PoC) code that exploits a known, unpatched vulnerability in Ghostscript, first reported by @emil_lerner, on servers that use the open source image processing toolkit ImageMagick. Ghostscript is a PDF-processing library supported by Artifex and is often used by servers that offer file upload services; ImageMagick is a widely used open source server-side solution that relies on this library to process PDF uploads. Artifex has not yet commented on the release of this PoC; however, Emil Lerner disclosed the vulnerability last year in compliance with responsible disclosure practices and announced it publicly last month at a security conference. The PoC allows full server compromise, including full administrative access and arbitrary remote code execution (RCE).