Specialists in an exploit writing course report the discovery of three vulnerabilities in SQLite, the popular database management system. According to the report, the successful exploitation of these flaws would allow threat actors to bypass protections on exposed systems, allowing access to sensitive information.
Below is a brief description of the reported flaws, in addition to their respective scores and identification keys according to the Common Vulnerability Scoring System (CVSS).
CVE-2020-13630: A use-after-free error in the fts3EvalNextRow() function of ext/fts3/fts3.c would allow threat actors to compromise a vulnerable system. Threat actors would only require passing specially designed data to the application, triggering the error.
The vulnerability received a score of 7.7/10, so it is considered high severity.
CVE-2020-13631: A flaw of SQLite alter.cy build.c files would allow threat actors to bypass some security restrictions. Experts in the exploit creation course say the attack requires a malicious hacker with local access to the vulnerable system, which could allow you to create virtual tables, rename them, and gain unauthorized access to the front-end application.
This is a reduced severity flaw that received a CVSS score of 2.9/10.
CVE-2020-13632: A NULL pointer dereference flaw in ext/fts3/fts3_snippet.c would allow a local threat actor to deploy denial of service (DoS) conditions using a specially designed matchinfo() query.
The vulnerability received a score of 4.8/10, making it a low security threat.
The SQLite versions affected by these flaws are: 3.8.10, 126.96.36.199, 188.8.131.52, 3.8.11, 184.108.40.206, 3.9.0, 3.9.1, 3.9.2, 3.9.3, 3.10.0, 3.10.1, 3.10.2, 3.11.0, 3.11.1, 3.12.0, 3.12.1, 3.12.2, 3.13.0, 3.14, 3.14.0, 3.14.1, 3.14.2, 3.15.0, 3.15.1, 3.15.2, 3.16.0, 3.16.1, 3.16.2, 3.17.0 3.18.0, 3.18.1, 3.18.2, 3.19.0, 3.19.1, 3.19.2, 3.19.3, 3.20.0, 3.20. 1, 3.21.0, 3.22.0, 3.23.0, 3.23.1, 3.24.0, 3.25.0, 3.25.1, 3.25.2, 3.25.3, 3.26.0, 3.27.0, 3.27.1, 3.27.2, 3.28.0, 3.29.0, 3.30.0, 3.30.1, 3.31.0, 3.31.1
So far experts in the exploit creation course have not detected attempts to exploit in real-world scenarios, or the existence of malware variants associated with the attack, although users should not forget to install the updates. SQLite has already released the patches to fix these bugs.