CVE-2022-46293

9.8 CRITICAL

📋 TL;DR

CVE-2022-46293 is a critical out-of-bounds write vulnerability in Open Babel's MOPAC file parser that allows arbitrary code execution when processing malicious files. This affects users of Open Babel 3.1.1 and development versions who process untrusted MOPAC format files. Attackers can achieve remote code execution by tricking users or automated systems into opening specially crafted files.

💻 Affected Systems

Products:
  • Open Babel
Versions: 3.1.1 and development versions including master commit 530dbfa3
Operating Systems: All platforms running Open Babel
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is in the MOPAC file format parser within the Final Point and Derivatives section. Any system processing MOPAC files is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining the same privileges as the Open Babel process, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠 Likely Case

Remote code execution on systems processing untrusted MOPAC files, allowing attackers to install malware, exfiltrate data, or pivot to other systems.

🟢 If Mitigated

Limited impact through proper file validation, sandboxing, and privilege reduction, potentially reducing to denial of service or information disclosure.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires the victim to process a malicious MOPAC file. The vulnerability is in file parsing, so no authentication is needed beyond file access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Open Babel 3.1.2 or later

Vendor Advisory: https://github.com/openbabel/openbabel/security/advisories/GHSA-6w4m-7w8q-2v3q

Restart Required: No

Instructions:

1. Update Open Babel to version 3.1.2 or later.
2. If using a package manager, run the appropriate update command.
3. If compiled from source, download the latest release and rebuild.

🔧 Temporary Workarounds

Disable MOPAC file processing (platform: all)

Configure Open Babel to reject or skip MOPAC format files

# Configure application to filter out .mop files
# Use file type validation before processing
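
One way to implement the filtering described in this workaround, as an added example rather than Open Babel's or the advisory's own code: a pre-processing gate that quarantines any input that would reach a MOPAC parser. The extension list, the `.gz` handling and the function names are assumptions; the section header string comes from the notes above, and the sample files are constructed.

```python
import os
import tempfile

# Assumption: file extensions Open Babel associates with its MOPAC formats.
MOPAC_EXTENSIONS = {"mop", "mopcrt", "mopin", "mopout", "moo"}
# Section name taken from the advisory notes; compared after collapsing whitespace.
MOPAC_MARKER = b"FINAL POINT AND DERIVATIVES"
SNIFF_BYTES = 1 << 20  # inspect at most 1 MiB of each file

def mopac_reasons(path, declared_format=None):
    """Return every reason this input would be handed to a MOPAC parser."""
    reasons = []
    name = os.path.basename(path).lower()
    if name.endswith(".gz"):  # assumption: compressed inputs keep the inner extension
        name = name[:-3]
    ext = name.rsplit(".", 1)[-1] if "." in name else ""
    if ext in MOPAC_EXTENSIONS:
        reasons.append("extension:" + ext)
    if declared_format and declared_format.lower() in MOPAC_EXTENSIONS:
        reasons.append("declared_format:" + declared_format.lower())
    with open(path, "rb") as fh:
        head = b" ".join(fh.read(SNIFF_BYTES).upper().split())
    if MOPAC_MARKER in head:
        reasons.append("content:section_header")
    return reasons

def gate(paths, declared_format=None):
    """Split inputs into (allowed, quarantined) before any parser is invoked."""
    allowed, quarantined = [], {}
    for path in paths:
        reasons = mopac_reasons(path, declared_format)
        if reasons:
            quarantined[path] = reasons
        else:
            allowed.append(path)
    return allowed, quarantined

def demo():
    samples = {  # constructed sample inputs, not real MOPAC data
        "water.xyz": b"3\nconstructed\nO 0 0 0\nH 0 0 1\nH 0 1 0\n",
        "job1.mopout.gz": b"constructed placeholder bytes\n",
        "renamed.txt": b"header\n   FINAL  POINT  AND  DERIVATIVES\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(data)
        allowed, quarantined = gate([os.path.join(tmp, n) for n in samples])
    base = os.path.basename  # report results by file name only
    return [base(p) for p in allowed], {base(p): r for p, r in quarantined.items()}
```

The content match is a heuristic for renamed files; the extension and declared-format checks cover the ways an input is normally routed to a format parser.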

Sandbox execution (platform: linux)

Run Open Babel in a container or sandbox with limited privileges

docker run --read-only --cap-drop=ALL -v /safe/input:/input openbabel
# Or use AppArmor/SELinux profiles

🧯 If You Can't Patch

  • Implement strict file validation: only allow trusted, verified MOPAC files
  • Run Open Babel with minimal privileges (non-root user, restricted filesystem access)

🔍 How to Verify

Check if Vulnerable:

Check the Open Babel version with 'obabel --version'. If the version is 3.1.1, or a development version from a commit earlier than the fix, the system is vulnerable.

Check Version:

obabel --version

Verify Fix Applied:

Verify that the version is 3.1.2 or later: 'obabel --version' should show the patched version. Test with known safe MOPAC files to confirm functionality.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed MOPAC file parsing attempts
  • Unusual process spawning from Open Babel
  • Memory access violations in application logs

Network Indicators:

  • Unexpected outbound connections from Open Babel process
  • File downloads followed by Open Babel execution

SIEM Query:

process_name:"obabel" AND (file_extension:".mop" OR file_type:"MOPAC")
