CVE-2022-23947

7.8 HIGH

📋 TL;DR

A stack-based buffer overflow in the Gerber and Excellon file parsers of KiCad's Gerber Viewer allows arbitrary code execution when a specially crafted file is opened. An attacker who gets a user to open a malicious Gerber or Excellon file in a vulnerable KiCad version gains code execution with that user's privileges. The vector is a file, not a network service: "remote" means the attacker supplies the file, not that KiCad is reachable over the network.

💻 Affected Systems

Products:
  • KiCad EDA
Versions: KiCad 6.0.1 and earlier versions; master commit de006fc010 and earlier
Operating Systems: Linux, Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Every KiCad installation ships the Gerber Viewer (gerbview), so all default installs are affected. The parser runs whenever such a file is opened; no non-default setting is needed.

📦 What is this software?

KiCad is a free, open-source electronic design automation (EDA) suite for schematic capture and PCB layout. Its Gerber Viewer (gerbview) opens Gerber files, the standard format PCB designers send to board manufacturers, and Excellon drill files. Both formats are routinely exchanged by e-mail and file share, which is what makes a parser bug in this component a practical phishing target.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker who delivers a crafted file gains code execution as the user who opened it, which on an engineering workstation can mean theft of design data and credentials, persistence, and lateral movement into the rest of the network.

🟠

Likely Case

Attacker tricks user into opening malicious Gerber/Excellon file, leading to arbitrary code execution with user privileges.

🟢

If Mitigated

With the patched version installed, or with untrusted Gerber/Excellon files opened only in a sandbox or throwaway VM, residual risk is low.

🌐 Internet-Facing: LOW - KiCad is not typically internet-facing; exploitation requires user interaction with malicious files.
🏢 Internal Only: MEDIUM - Internal users could be targeted via phishing or shared malicious files, but requires user interaction.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: Not reported
Unauthenticated Exploit: N/A (file-based; no credentials or network access involved)
Complexity: LOW

Exploitation requires the victim to open a crafted Gerber or Excellon file in a vulnerable KiCad; no authentication is involved. A proof of concept was published with the Cisco Talos advisory. No weaponized exploit or in-the-wild exploitation has been publicly reported.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: KiCad 6.0.2 and later

Vendor Advisory: https://www.kicad.org/

Restart Required: Relaunch KiCad (and any running Gerber Viewer) after upgrading; no operating-system reboot is needed.

Instructions:

1. Download KiCad 6.0.2 or later from the official website, or upgrade through your distribution's package manager.
2. Install over the existing version.
3. Confirm the new version in Help > About KiCad before opening any Gerber or Excellon file.

🔧 Temporary Workarounds

Restrict the Gerber Viewer

Platform: all

KiCad ships the Gerber Viewer as its own executable (gerbview, gerbview.exe on Windows). Where users do not need it, remove it or block it with an application-control policy (AppLocker, WDAC or the platform equivalent) until the patched version is deployed. KiCad does not expose a setting that disables Gerber/Excellon parsing, so this has to be done at the operating-system level.

Screen files before opening

Platform: all

Treat Gerber and Excellon files from outside the organization as untrusted: open them first in a sandbox or disposable VM, and reject files containing abnormally long numeric tokens or oversized lines, the kind of input that overflows a fixed-size parser buffer. KiCad itself performs no such screening, so this requires an external tool or a manual check.
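The following C program is an added example, not KiCad's code and not the Talos proof of concept. It shows the bug class named in the TL;DR, an unbounded copy of a coordinate token into a fixed stack buffer, next to its bounded form, and a pre-screen of the kind the file-screening workaround above calls for. The Gerber grammar is reduced to coordinate tokens (X, Y, I, J followed by an optional sign and digits; Excellon drill lines use the same X/Y syntax). The buffer size COORD_MAX, the function names and the sample lines are assumptions made for this example; KiCad's real buffer sizes and field names are not given in the advisory text.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Longest numeric token the bounded reader accepts, NUL included.
 * Assumed value for this example; KiCad's own buffer sizes are not known
 * from the advisory text. */
#define COORD_MAX 16

/* Deliberately vulnerable: copies the signed digit string after 'X' into a
 * fixed stack buffer with no bound. A token longer than COORD_MAX-1
 * characters writes past buf[] and corrupts the stack frame. Kept only for
 * contrast; never feed it untrusted input. */
static int read_x_vuln(const char *p, long *out)
{
    char buf[COORD_MAX];
    size_t i = 0;

    if (*p != 'X')
        return 0;
    p++;
    while (*p == '-' || *p == '+' || isdigit((unsigned char)*p))
        buf[i++] = *p++;                 /* no check against sizeof buf */
    buf[i] = '\0';
    *out = strtol(buf, NULL, 10);
    return 1;
}

/* Hardened: same loop, explicit bound. An over-long token is rejected
 * (return 0) rather than silently truncated, so the caller can abort the
 * whole file instead of continuing with a mangled value. */
static int read_x_safe(const char *p, long *out)
{
    char buf[COORD_MAX];
    size_t i = 0;

    if (*p != 'X')
        return 0;
    p++;
    while (*p == '-' || *p == '+' || isdigit((unsigned char)*p)) {
        if (i >= sizeof buf - 1)         /* leave room for the NUL */
            return 0;
        buf[i++] = *p++;
    }
    buf[i] = '\0';
    *out = strtol(buf, NULL, 10);
    return 1;
}

/* Pre-screen for untrusted files: returns 0 if any numeric token that
 * follows a coordinate letter (X, Y, I, J) is longer than COORD_MAX-1
 * characters, 1 otherwise. It checks only this one property and does not
 * validate the rest of the Gerber or Excellon grammar. */
static int scan_gerber(const char *data, size_t len)
{
    size_t run = 0;
    int in_coord = 0;

    for (size_t k = 0; k < len; k++) {
        char c = data[k];
        if (c == 'X' || c == 'Y' || c == 'I' || c == 'J') {
            in_coord = 1;
            run = 0;
        } else if (in_coord && (c == '-' || c == '+' || isdigit((unsigned char)c))) {
            if (++run > COORD_MAX - 1)
                return 0;
        } else {
            in_coord = 0;
        }
    }
    return 1;
}

int main(void)
{
    /* Constructed sample lines: a normal Gerber draw command and one whose
     * coordinate token is far longer than any real file would contain. */
    const char good[] = "X0123456Y0654321D01*";
    char bad[COORD_MAX * 4 + 2];
    long x = 0;
    int ok;

    memset(bad, '9', sizeof bad - 1);
    bad[0] = 'X';
    bad[sizeof bad - 1] = '\0';

    read_x_vuln(good, &x);               /* benign input only */
    printf("unbounded reader, benign line: X=%ld\n", x);

    ok = read_x_safe(good, &x);
    printf("bounded reader, benign line: ok=%d X=%ld\n", ok, x);
    ok = read_x_safe(bad, &x);
    printf("bounded reader, oversized token: ok=%d (rejected)\n", ok);

    printf("pre-screen: good=%d bad=%d\n",
           scan_gerber(good, strlen(good)), scan_gerber(bad, strlen(bad)));
    return 0;
}
```

The pre-screen deliberately errs on the side of rejection: a comment line that happens to contain a long digit string after an X will also be flagged, which is the right trade-off for files arriving from outside the organization. Rejecting rather than truncating in read_x_safe matters because a truncated coordinate would still load, silently, as the wrong geometry.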

🧯 If You Can't Patch

  • Open Gerber/Excellon files in KiCad only when they come from a known fabrication partner or colleague; open anything else in a sandbox or throwaway VM first
  • Run KiCad as a non-administrative user with no access to credentials or repositories it does not need, and alert on child processes spawned by kicad or gerbview

🔍 How to Verify

Check if Vulnerable:

Any release at or below 6.0.1 (including 5.x), or a nightly built from master at or before commit de006fc010, is vulnerable.

Check Version:

Help > About KiCad in the GUI on any platform; the Copy Version Info button copies the full build string, including the git hash for nightly builds. On Linux the package manager also reports it, e.g. dpkg -s kicad | grep Version on Debian/Ubuntu or rpm -q kicad on Fedora.

Verify Fix Applied:

Confirm the installed version is 6.0.2 or later, and that no older copy remains alongside it (for example a distribution package next to a vendor build).

📡 Detection & Monitoring

Log Indicators:

  • Crashes of gerbview or kicad while a Gerber/Excellon file is being opened (stack-smashing, access-violation or segmentation-fault signatures); a failed exploitation attempt looks like an ordinary parser crash
  • Child processes (shells, script interpreters, downloaders) spawned by kicad or gerbview

Network Indicators:

  • Outbound connections from the kicad or gerbview process to unexpected destinations

SIEM Query:

Process creation events where the parent image is kicad or gerbview (kicad.exe / gerbview.exe on Windows) and the child image is a shell, script interpreter or network utility (cmd.exe, powershell.exe, sh, bash, python, curl, wget and similar). Exclude the external text editor and PDF viewer configured in KiCad's preferences, which KiCad launches legitimately.

🔗 References
