AI finds critical ImageMagick vulnerabilities in default configurations
An AI pentesting tool has discovered critical vulnerabilities in default ImageMagick configurations. Workarounds offer protection.
(Image: amgun / Shutterstock.com)
The IT security firm Octagon Networks has discovered critical vulnerabilities in the image processing software ImageMagick with its tool pwn.ai. The weaknesses occur in default configurations on several widely used Linux distributions and can allow attackers to inject and execute malicious code from the network, or to write and read files, as well as bypass security policies.
As the company writes in its analysis, millions of servers in several configurations are vulnerable. The tool discovered several zero-day vulnerabilities that stem from ImageMagick's security policy architecture and affect every major Linux distribution as well as WordPress installations. The IT security researchers explain that uploading manipulated .pdf or .jpg files is sufficient to achieve remote code execution there.
Limited Test Environment
The test environment consisted of a web app with a minimal attack surface. It does not provide an API or interesting fields, but merely processes invoices; it also has no client-side JavaScript. The upload field is the most interesting aspect. ImageMagick processes the uploaded files. According to the analysis, the software is installed on millions of servers; on the first test system, it was on Ubuntu 22.04 without any known, unpatched vulnerabilities. The AI tool therefore identified ImageMagick as an attack vector and installed and analyzed it in its own sandbox.
It found a vulnerability chain in which filtering based on the magic bytes of .svg files, together with a policy blocking PostScript, could be bypassed by using the EPSI format. ImageMagick responded to the report with an adjusted policy, as the default policies are only intended as a baseline template. However, these default policies are widely used, the IT researchers further explain. They are used, for example, in Ubuntu 22.04, Debian 11 and 12, Fedora/RHEL/CentOS, Arch Linux / Alpine Linux / OpenSUSE, Amazon Linux, Google Cloud Shell, macOS Homebrew, and in most Docker images. These are therefore all vulnerable to the discovered weaknesses.
Even with the adjusted policy, the AI tool found further security vulnerabilities that bypass filtering and write files to the vulnerable systems. With manipulated files in PDF format, for example, malicious code smuggling and execution from the network could be achieved. In the policy called “Secure Policy”, it was also possible to read and write files in the /tmp directory, for instance. This could trigger denial-of-service attacks through RAM consumption or PHP session poisoning. However, code smuggling is also possible, as ImageMagick's scripting language can read and write files in any path on the drive.
Actual Threat Situation
The IT researchers write that WordPress uses ImageMagick by default via the PHP-ImageMagick extension, for example, to create thumbnails, resize images, and display PDF previews. It does not set a security policy for ImageMagick but relies on server defaults. Standard WordPress installations are therefore very likely vulnerable. The Gravity Forms plugin for WordPress, with over two million installations, thus allows unauthenticated attackers to smuggle malicious code from the network. However, the payload is complex.
The analysis includes some proof-of-concepts (PoC). ImageMagick has silently fixed an affected module (EPT), according to the report's authors. There is no CVE entry, the fix is not declared as a security fix, and it has not been backported to Ubuntu 22.04 with ImageMagick 6.9.11-60, they complain.
IT managers can find countermeasures in the analysis that they should take. These include removing Ghostscript or processing PDFs in an isolated sandbox without network access and with a read-only file system. If using WordPress, ensure that the server's “policy.xml” file does not allow uploads. WordPress's XML-RPC performs no checks and should be disabled. If Gravity Forms is used with the “Post Image” field, administrators should prevent the processing of PostScript in the ImageMagick policy.
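The article's point that a default policy.xml blocks PS and PDF but not wrapper formats such as EPSI or EPT can be checked mechanically. The following audit script is an added example, not code from Octagon Networks, ImageMagick or the article; the two embedded policy fragments are constructed (one modelled on a distribution default, one hardened), and the matching logic is a simplified model of ImageMagick's policy evaluation (any matching "rights=none" rule in the coder or module domain is treated as a block, compared case-insensitively), which is an assumption.

```python
import fnmatch
import re
import xml.etree.ElementTree as ET

# PostScript-family input coders: some call Ghostscript directly, EPSI and EPT
# wrap PostScript in another container (the bypass formats the article names).
PS_FAMILY = ("PS", "PS2", "PS3", "EPS", "EPSI", "EPT", "PDF", "XPS")

# Constructed fragment resembling a distribution default: the obvious coders
# are denied, but the EPSI/EPT wrappers are not.
DEFAULT_POLICY = """<policymap>
  <policy domain="coder" rights="none" pattern="PS" />
  <policy domain="coder" rights="none" pattern="PS2" />
  <policy domain="coder" rights="none" pattern="PS3" />
  <policy domain="coder" rights="none" pattern="EPS" />
  <policy domain="coder" rights="none" pattern="PDF" />
  <policy domain="coder" rights="none" pattern="XPS" />
</policymap>"""

# Constructed hardened fragment (assumption, not from the article): one brace
# pattern covers the whole family, the delegate rule refuses Ghostscript even
# if a coder slips through, and "@*" denies indirect reads via @filename.
HARDENED_POLICY = """<policymap>
  <policy domain="coder" rights="none" pattern="{PS,PS2,PS3,EPS,EPSI,EPT,PDF,XPS}" />
  <policy domain="delegate" rights="none" pattern="gs" />
  <policy domain="path" rights="none" pattern="@*" />
</policymap>"""

def _expand_braces(pattern):
    """Expand ImageMagick-style {A,B} alternation into plain glob patterns."""
    m = re.search(r"\{([^{}]*)\}", pattern)
    if not m:
        return [pattern]
    head, tail = pattern[:m.start()], pattern[m.end():]
    return [g for alt in m.group(1).split(",") for g in _expand_braces(head + alt + tail)]

def _denies(rule, name):
    """True if this <policy> rule has rights="none" and its pattern matches name."""
    if rule.get("rights", "").strip().lower() != "none":
        return False
    return any(fnmatch.fnmatchcase(name.upper(), g.upper())
               for g in _expand_braces(rule.get("pattern", "")))

def unblocked_ps_coders(policy_xml):
    """Return the PostScript-family coders that the policy still allows."""
    rules = [p for p in ET.fromstring(policy_xml).iter("policy")
             if p.get("domain") in ("coder", "module")]
    return [c for c in PS_FAMILY if not any(_denies(r, c) for r in rules)]

def has_path_guard(policy_xml):
    """True if indirect @file reads are denied in the path domain."""
    return any(p.get("domain") == "path" and _denies(p, "@anything")
               for p in ET.fromstring(policy_xml).iter("policy"))
```

On a live system, feed the script the output of `convert -list policy` only after confirming which policy.xml ImageMagick actually loads, since the effective file depends on the installed version and build paths.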
ImageMagick often works in the background, largely unnoticed. In the process, the software frequently closes security vulnerabilities, some of them serious. Updates from the end of February, for example, fixed 40 vulnerabilities, eight of which were classified as highly risky. The threat is not just academic; security flaws in ImageMagick are also attacked in the wild.
(dmk)