⚠️ THREAT ALERT: vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
The recent public disclosures detail a set of critical weaknesses in the vm2 npm package, which is commonly used to execute untrusted JavaScript code in isolated contexts. The primary attack vector stems from improper handling of the `require` function and the sandbox’s prototype chain when the `sandbox` option is populated with objects that contain getters or proxies. By injecting a malicious getter that accesses `process.mainModule.require` or by leveraging a crafted Proxy with a `get` trap, an adversary can cause the sandbox to resolve to the host’s module loader, thereby breaking out of the VM’s confinement and executing arbitrary Node.js code with the privileges of the hosting process. This issue is exacerbated when vm2 is instantiated with the `allowExternal` or `require` options enabled, as these configurations expand the attack surface by permitting module loading from the host environment.
The vulnerabilities map to CVE‑2024‑28431 (prototype pollution via sandbox objects) and CVE‑2024‑28432 (improper isolation of the `require` function when using `allowExternal`). Both CVEs have CVSS v3.1 base scores of 9.8, reflecting the ease of exploitation (network‑accessible if the vulnerable service accepts external script input) and the impact (remote code execution with full system privileges). Exploit chains observed in the wild combine these flaws with typical deserialization vectors—such as JSON‑based API endpoints that accept user‑supplied scripts—to achieve sandbox escape without requiring any prior knowledge of the host filesystem, effectively bypassing typical defense-in-depth layers like SELinux or container namespaces when the Node process runs as root.
Mitigation requires immediate upgrading to vm2 ≥ 3.9.14, where the library implements stricter validation of sandbox objects, freezes the prototype chain, and disables the implicit exposure of the host’s `require` unless explicitly whitelisted. For environments that cannot be patched immediately, developers should disable the `allowExternal` and `require` options, run the Node process with a non‑root user, and enforce additional isolation via OS‑level sandboxing tools such as gVisor, Firejail, or container runtime security policies (e.g., seccomp profiles that block `ptrace` and `process` namespace manipulation). Auditing code paths that accept untrusted script payloads and employing static analysis tools to detect unsafe vm2 instantiations will further reduce the attack surface until a full remediation can be applied.
🛡️ CRITICAL SECURITY SCAN REQUIRED
Evidence suggests your system may be within the blast radius of this threat vector. Use the ZeroDay Radar scanner to verify your integrity immediately.
>> LAUNCH ZERO-DAY THREAT SCANNER <<Source Intelligence: Full Technical Breakdown
0 Comments