CVE-2023-34561

9.8 CRITICAL

📋 TL;DR

A buffer overflow vulnerability in Geometry Dash's level parsing code allows attackers to execute arbitrary code by tricking users into loading malicious levels. This affects all users running vulnerable versions of Geometry Dash, particularly those who download and play user-created levels from untrusted sources.

💻 Affected Systems

Products:
  • RobTop Games AB Geometry Dash
Versions: v2.113 and earlier
Operating Systems: Windows, macOS, iOS, Android
Default Config Vulnerable: ⚠️ Yes
Notes: All platforms running vulnerable versions are affected. The vulnerability is triggered when parsing malicious level files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise, with the attacker gaining full control over the victim's computer, enabling data theft, ransomware deployment, or persistent backdoor installation.

🟠 Likely Case

Attackers create malicious levels that execute code when loaded, potentially stealing game credentials, installing malware, or joining botnets.

🟢 If Mitigated

With proper network segmentation and application sandboxing, impact is limited to game data corruption or temporary system instability.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public proof-of-concept exploits and demonstration videos exist. Exploitation requires user interaction to load malicious level files.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.2 or later

Vendor Advisory: https://www.robtopgames.com/

Restart Required: Yes

Instructions:

  1. Launch Geometry Dash.
  2. Check for updates in the game menu.
  3. Download and install v2.2 or later.
  4. Restart the game.

🔧 Temporary Workarounds

Disable User Level Downloads (Platform: all)

Prevent downloading and loading user-created levels from untrusted sources.

Application Sandboxing (Platform: windows)

Run Geometry Dash in a sandboxed environment to limit potential damage.

🧯 If You Can't Patch

  • Disconnect vulnerable systems from the internet and restrict level file transfers
  • Implement strict application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check Geometry Dash version in game settings or application properties. Versions 2.113 and earlier are vulnerable.

Check Version:

Not applicable - check version in game interface

Verify Fix Applied:

Confirm version is 2.2 or later in game settings. Test loading known safe levels to ensure functionality.

📡 Detection & Monitoring

Log Indicators:

  • Unusual process creation from Geometry Dash executable
  • Memory access violations in application logs

Network Indicators:

  • Unexpected outbound connections from Geometry Dash process
  • Downloads of level files from untrusted sources

SIEM Query:

Process Creation where Parent Process contains 'GeometryDash.exe' AND Command Line contains unusual parameters
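
The SIEM query above, worked as an added example (not part of the original advisory): it scans process-creation events and reports every child process whose parent is GeometryDash.exe. The Sysmon-style field names exported as JSON lines, the empty allowlist, and the sample events are assumptions constructed for illustration, and "unusual parameters" is narrowed here to "any child process not on the allowlist".

```python
import json
import ntpath

PARENT_NAME = "geometrydash.exe"   # parent name from the SIEM query, lower-cased
ALLOWED_CHILDREN = frozenset()     # assumption: no child process is expected; tune locally

# Constructed sample events (not real telemetry), one JSON object per line.
SAMPLE_EVENTS = r'''
{"EventID": 1, "UtcTime": "2024-01-01 10:00:00", "Image": "C:\\Games\\GD\\GeometryDash.exe", "ParentImage": "C:\\Windows\\explorer.exe", "CommandLine": "GeometryDash.exe"}
{"EventID": 1, "UtcTime": "2024-01-01 10:05:12", "Image": "C:\\Windows\\System32\\cmd.exe", "ParentImage": "C:\\Games\\GD\\GeometryDash.exe", "CommandLine": "cmd.exe /c dir"}
{"EventID": 3, "UtcTime": "2024-01-01 10:05:13", "Image": "C:\\Games\\GD\\GeometryDash.exe", "DestinationIp": "203.0.113.10"}
{"EventID": 1, "UtcTime": "2024-01-01 10:06:40", "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "ParentImage": "C:\\GAMES\\GD\\GEOMETRYDASH.EXE", "CommandLine": "powershell.exe -NoProfile"}
{"EventID": 1, "UtcTime": "2024-01-01 10:07:
'''


def suspicious_children(lines):
    """Return (time, child image name, command line) for each flagged event."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines instead of aborting the scan
        if not isinstance(event, dict) or event.get("EventID") != 1:
            continue  # only process-creation events are relevant here
        # ntpath parses Windows paths correctly on any host OS; compare case-insensitively.
        parent = ntpath.basename(event.get("ParentImage", "")).lower()
        child = ntpath.basename(event.get("Image", "")).lower()
        if parent == PARENT_NAME and child not in ALLOWED_CHILDREN:
            hits.append((event.get("UtcTime"), child, event.get("CommandLine", "")))
    return hits


if __name__ == "__main__":
    for when, child, cmdline in suspicious_children(SAMPLE_EVENTS.splitlines()):
        print(f"{when}  child={child}  cmdline={cmdline}")
```
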
