id: electron-version-detect

info:
  name: Google Chromium/Electron - Remote Code Execution
  author: me9187
  severity: info
  description: Google Chromium contains a remote code execution vulnerability which affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the sandbox option is enabled. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
  remediation: Update to Electron 1.7.8 or 1.6.14, both of which include a fix for this vulnerability.
  reference:
    - https://www.electronjs.org/blog/chromium-rce-vulnerability/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  tags: electron,file

file:
  - extensions:
      - json

    extractors:
      - type: regex
        regex:
          - '"electronVersion":"[^"]*"'

# Enhanced by md on 2023/05/03