Plattform
php
Komponente
php
Behoben in
7.3.15
7.4.3
CVE-2020-7061 describes a buffer overflow vulnerability affecting PHP versions 7.3.x prior to 7.3.15 and 7.4.x prior to 7.4.3. This vulnerability arises when extracting PHAR (PHP Archive) files on Windows systems utilizing the phar extension. Successful exploitation could lead to information disclosure or application crashes, impacting system stability and potentially exposing sensitive data.
The vulnerability lies in how PHP handles PHAR file extraction on Windows. Specifically, certain content within a malicious PHAR file can trigger a one-byte read past the allocated buffer during the extraction process. This out-of-bounds read can expose sensitive data stored in memory, potentially including configuration details, session information, or even parts of the application's code. While a direct remote code execution (RCE) is not immediately apparent, an attacker could potentially leverage this information disclosure to gain a deeper understanding of the system and plan further attacks. The crash resulting from the overflow could also be used to disrupt service, leading to a denial-of-service condition.
CVE-2020-7061 was publicly disclosed on February 27, 2020. While no active exploitation campaigns have been definitively linked to this specific vulnerability, the potential for information disclosure makes it an attractive target for opportunistic attackers. It is not currently listed on CISA KEV. Public proof-of-concept exploits are available, demonstrating the feasibility of exploiting the vulnerability.
Web applications and services relying on PHP 7.3.x and 7.4.x are at risk, particularly those that handle user-uploaded PHAR archives or process PHAR files from external sources. Shared hosting environments where multiple users can upload files are especially vulnerable, as a malicious PHAR archive uploaded by one user could potentially impact other users on the same server.
• windows / supply-chain:
Get-Process | Where-Object {$_.ProcessName -like '*php*'} | Select-Object -ExpandProperty Path• linux / server:
ps aux | grep php• generic web:
curl -I http://your-website.com/phar/your-phar-file.phardisclosure
Exploit-Status
EPSS
2.77% (86% Perzentil)
CVSS-Vektor
The primary mitigation for CVE-2020-7061 is to upgrade to PHP version 7.4.3 or later. If upgrading is not immediately feasible, consider temporarily disabling the phar extension in your php.ini file by setting phar.disabled = 1. This will prevent PHAR files from being extracted, effectively mitigating the vulnerability. For environments utilizing a Web Application Firewall (WAF) or reverse proxy, configure rules to block requests containing potentially malicious PHAR files. Verify the upgrade by attempting to extract a known safe PHAR file after the upgrade; no errors or crashes should occur.
Actualice a PHP versión 7.3.15 o superior, o a la versión 7.4.3 o superior. Esto solucionará la vulnerabilidad de desbordamiento de búfer en la extensión PHAR al extraer archivos en Windows.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2020-7061 is a medium severity vulnerability in PHP versions 7.3.x and 7.4.x that allows a buffer overflow when extracting PHAR files on Windows, potentially leading to information disclosure or crashes.
You are affected if you are running PHP 7.3.x versions prior to 7.3.15 or PHP 7.4.x versions prior to 7.4.3 and process PHAR archives, especially from untrusted sources.
Upgrade to PHP 7.4.3 or later to resolve the vulnerability. If immediate upgrade is not possible, restrict PHAR execution from untrusted sources.
There is currently no evidence of active exploitation campaigns targeting CVE-2020-7061, but public PoCs exist.
Refer to the official PHP security advisory: https://security.php.net/CVE-2020-7061
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.