{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-21625", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-12-29T03:00:44.953Z", "datePublished": "2024-01-04T14:48:34.782Z", "dateUpdated": "2024-09-04T20:30:54.564Z"}, "containers": {"cna": {"title": "One-click remote code execution via malicious deep link", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/SideQuestVR/SideQuest/security/advisories/GHSA-3v86-cf9q-x4x7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/SideQuestVR/SideQuest/security/advisories/GHSA-3v86-cf9q-x4x7"}], "affected": [{"vendor": "SideQuestVR", "product": "SideQuest", "versions": [{"version": "< 0.10.35", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-04T14:48:34.782Z"}, "descriptions": [{"lang": "en", "value": "SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol (`sidequest://`) to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized properly in all cases, a one-click remote code execution can be achieved in cases when a device is connected, the user is presented with a malicious link and clicks it from within the application. As of version 0.10.35, the custom protocol links within the electron application are now being parsed and sanitized properly."}], "source": {"advisory": "GHSA-3v86-cf9q-x4x7", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:27:35.808Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/SideQuestVR/SideQuest/security/advisories/GHSA-3v86-cf9q-x4x7", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/SideQuestVR/SideQuest/security/advisories/GHSA-3v86-cf9q-x4x7"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-13T18:57:51.463810Z", "id": "CVE-2024-21625", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T20:30:54.564Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/SideQuestVR/SideQuest/security/advisories/GHSA-3v86-cf9q-x4x7", "name": "https://github.com/SideQuestVR/SideQuest/security/advisories/GHSA-3v86-cf9q-x4x7", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:27:35.808Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-21625", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-03-13T18:57:51.463810Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T20:30:50.078Z"}}], "cna": {"title": "One-click remote code execution via malicious deep link", "source": {"advisory": "GHSA-3v86-cf9q-x4x7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "SideQuestVR", "product": "SideQuest", "versions": [{"status": "affected", "version": "< 0.10.35"}]}], "references": [{"url": "https://github.com/SideQuestVR/SideQuest/security/advisories/GHSA-3v86-cf9q-x4x7", "name": "https://github.com/SideQuestVR/SideQuest/security/advisories/GHSA-3v86-cf9q-x4x7", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol (`sidequest://`) to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized properly in all cases, a one-click remote code execution can be achieved in cases when a device is connected, the user is presented with a malicious link and clicks it from within the application. As of version 0.10.35, the custom protocol links within the electron application are now being parsed and sanitized properly."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-04T14:48:34.782Z"}}}, "cveMetadata": {"cveId": "CVE-2024-21625", "state": "PUBLISHED", "dateUpdated": "2024-09-04T20:30:54.564Z", "dateReserved": "2023-12-29T03:00:44.953Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-01-04T14:48:34.782Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sidequestvr:sidequest:*:*:*:*:*:*:*:*", "matchCriteriaId": "48037EDB-FCDF-432F-A461-BBBE656927E6", "versionEndExcluding": "0.10.35", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SideQuest is a place to get virtual reality applications for Oculus Quest. The SideQuest desktop application uses deep links with a custom protocol (`sidequest://`) to trigger actions in the application from its web contents. Because, prior to version 0.10.35, the deep link URLs were not sanitized properly in all cases, a one-click remote code execution can be achieved in cases when a device is connected, the user is presented with a malicious link and clicks it from within the application. As of version 0.10.35, the custom protocol links within the electron application are now being parsed and sanitized properly."}, {"lang": "es", "value": "SideQuest es un lugar para conseguir aplicaciones de realidad virtual para Oculus Quest. La aplicaci\u00f3n de escritorio SideQuest utiliza enlaces profundos con un protocolo personalizado (`sidequest://`) para activar acciones en la aplicaci\u00f3n desde su contenido web. Debido a que, antes de la versi\u00f3n 0.10.35, las URL de los enlaces profundos no se sanitizaban adecuadamente en todos los casos, se puede lograr una ejecuci\u00f3n remota de c\u00f3digo con un solo clic en los casos en que cuando un dispositivo est\u00e1 conectado, al usuario se le presenta un enlace malicioso y hace clic en \u00e9l. desde dentro de la aplicaci\u00f3n. A partir de la versi\u00f3n 0.10.35, los enlaces de protocolo personalizados dentro de la aplicaci\u00f3n electr\u00f3nica ahora se analizan y sanitizan correctamente."}], "id": "CVE-2024-21625", "lastModified": "2024-01-11T16:52:43.513", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-01-04T15:15:11.030", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/SideQuestVR/SideQuest/security/advisories/GHSA-3v86-cf9q-x4x7"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}