{"id":"CVE-2024-39698","summary":"Code Signing Bypass on Windows in electron-updater \u003c 6.3.0-alpha.6","details":"electron-updater allows for automatic updates for Electron apps. The file `packages/electron-updater/src/windowsExecutableCodeSignatureVerifier.ts` implements the signature validation routine for Electron applications on Windows. Because of the surrounding shell, a first pass by `cmd.exe` expands any environment variable found in command-line above. This creates a situation where `verifySignature()` can be tricked into validating the certificate of a different file than the one that was just downloaded. If the step is successful, the malicious update will be executed even if its signature is invalid. This attack assumes a compromised update manifest (server compromise, Man-in-the-Middle attack if fetched over HTTP, Cross-Site Scripting to point the application to a malicious updater server, etc.). The patch is available starting from 6.3.0-alpha.6.","aliases":["GHSA-9jxc-qjr9-vjxq"],"modified":"2026-04-10T05:14:35.679775Z","published":"2024-07-09T17:50:28.169Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/39xxx/CVE-2024-39698.json","cna_assigner":"GitHub_M","cwe_ids":["CWE-154"]},"references":[{"type":"WEB","url":"https://github.com/electron-userland/electron-builder/blob/140e2f0eb0df79c2a46e35024e96d0563355fc89/packages/electron-updater/src/windowsExecutableCodeSignatureVerifier.ts#L35-L41"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/39xxx/CVE-2024-39698.json"},{"type":"ADVISORY","url":"https://github.com/electron-userland/electron-builder/security/advisories/GHSA-9jxc-qjr9-vjxq"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39698"},{"type":"FIX","url":"https://github.com/electron-userland/electron-builder/commit/ac2e6a25aa491c1ef5167a552c19fc2085cd427f"},{"type":"FIX","url":"https://github.com/electron-userland/electron-builder/pull/8295"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/electron-userland/electron-builder","events":[{"introduced":"0"},{"fixed":"2b80b01c4e9e5e7693460adda789cf270fbefe2b"}]}],"versions":["22.11.10","@electron-builder/test@0.0.0","app-builder-lib@22.14.13","app-builder-lib@23.0.0-alpha.0","builder-util-runtime@8.9.2","builder-util-runtime@9.0.0-alpha.0","builder-util@22.14.13","builder-util@23.0.0-alpha.0","dmg-builder@22.14.13","dmg-builder@23.0.0-alpha.0","docker@23.0.0-alpha.0","docker@23.0.5","docker@23.0.8","docker@23.1.0","docker@23.2.0","docker@23.5.1","docker@23.6.0","docker@24.0.0","docker@24.6.1","docker@24.6.2","docker@24.6.3","docker@24.8.0","docker@24.9.1","electron-builder-squirrel-windows@22.14.13","electron-builder-squirrel-windows@23.0.0-alpha.0","electron-builder@22.14.13","electron-builder@23.0.0-alpha.0","electron-forge-maker-appimage@22.14.13","electron-forge-maker-appimage@23.0.0-alpha.0","electron-forge-maker-nsis-web@22.14.13","electron-forge-maker-nsis-web@23.0.0-alpha.0","electron-forge-maker-nsis@22.14.13","electron-forge-maker-nsis@23.0.0-alpha.0","electron-forge-maker-snap@22.14.13","electron-forge-maker-snap@23.0.0-alpha.0","electron-publish@22.14.13","electron-publish@23.0.0-alpha.0","electron-updater-v3.1.6","electron-updater-v3.1.7","electron-updater-v3.2.1","electron-updater-v3.2.2","electron-updater-v3.2.3","electron-updater-v4.0.0","electron-updater-v4.0.1","electron-updater-v4.0.14","electron-updater-v4.0.2","electron-updater-v4.0.3","electron-updater-v4.0.4","electron-updater-v4.0.5","electron-updater-v4.0.6","electron-updater-v4.0.7","electron-updater-v4.1.0","electron-updater-v4.1.1","electron-updater-v4.1.2","electron-updater@4.6.5","electron-updater@5.0.0","electron-updater@5.0.0-alpha.0","electron-updater@5.0.0-alpha.1","electron-updater@5.0.0-alpha.2","electron-updater@5.0.0-alpha.3","electron-updater@5.0.0-alpha.4","electron-updater@5.0.1","electron-updater@5.0.2","electron-updater@5.0.3","electron-updater@5.0.4","electron-updater@5.0.5","electron-updater@5.0.6","electron-updater@5.1.0","electron-updater@5.2.0","electron-updater@5.2.1","electron-updater@5.2.2","electron-updater@5.2.3","electron-updater@5.2.4","electron-updater@5.3.0","electron-updater@6.0.0","electron-updater@6.0.0-alpha.0","electron-updater@6.0.0-alpha.1","electron-updater@6.0.0-alpha.2","electron-updater@6.0.0-alpha.3","electron-updater@6.0.0-alpha.4","electron-updater@6.0.0-alpha.5","electron-updater@6.0.0-alpha.6","electron-updater@6.0.0-alpha.7","electron-updater@6.0.0-alpha.8","electron-updater@6.0.0-alpha.9","electron-updater@6.0.1","electron-updater@6.0.2","electron-updater@6.0.3","electron-updater@6.0.4","electron-updater@6.1.0","electron-updater@6.1.1","electron-updater@6.1.2","electron-updater@6.1.3","electron-updater@6.1.4","electron-updater@6.1.5","electron-updater@6.1.6","electron-updater@6.1.7","electron-updater@6.1.8","electron-updater@6.1.9","electron-updater@6.2.0","electron-updater@6.2.1","electron-updater@6.3.0-alpha.0","electron-updater@6.3.0-alpha.1","electron-updater@6.3.0-alpha.2","electron-updater@6.3.0-alpha.3","electron-updater@6.3.0-alpha.4","electron-updater@6.3.0-alpha.5","v1.0.0","v1.0.1","v1.1.0","v1.1.1","v10.0.0","v10.1.0","v10.10.0","v10.11.0","v10.12.0","v10.13.0","v10.13.1","v10.14.0","v10.15.0","v10.15.1","v10.15.2","v10.16.0","v10.17.0","v10.17.2","v10.2.0","v10.3.0","v10.4.0","v10.4.1","v10.4.2","v10.4.3","v10.5.0","v10.6.0","v10.6.1","v10.7.0","v10.7.1","v10.8.0","v10.8.1","v10.9.0","v10.9.1","v10.9.2","v10.9.3","v11.0.0","v11.1.0","v11.1.1","v11.2.0","v11.2.1","v11.2.4","v11.2.5","v11.3.0","v11.4.0","v11.4.1","v11.4.3","v11.4.4","v11.5.0","v11.5.1","v11.5.2","v11.6.0","v11.6.1","v11.7.0","v12.0.0","v12.0.1","v12.0.2","v12.0.3","v12.1.0","v12.2.0","v12.3.0","v12.3.1","v13.0.0","v13.1.0","v13.10.0","v13.10.1","v13.11.0","v13.11.1","v13.2.0","v13.3.1","v13.30","v13.4.0","v13.5.0","v13.6.0","v13.7.0","v13.8.0","v13.8.1","v13.8.2","v13.9.0","v14.0.0","v14.0.1","v14.1.0","v14.1.1","v14.2.0","v14.3.0","v14.4.0","v14.4.1","v14.4.2","v14.5.0","v14.5.1","v14.5.2","v15.0.0","v15.0.1","v15.1.0","v15.1.1","v15.2.0","v15.3.0","v15.4.0","v15.4.1","v15.4.2","v15.4.3","v15.5.0","v15.6.0","v15.6.1","v15.6.3","v16.0.0","v16.0.1","v16.1.0","v16.2.0","v16.2.1","v16.3.0","v16.4.0","v16.4.1","v16.4.2","v16.5.0","v16.5.1","v16.6.0","v16.6.1","v16.6.2","v16.7.0","v16.7.1","v16.8.0","v16.8.1","v16.8.2","v16.8.3","v16.8.4","v17.0.0","v17.0.1","v17.0.3","v17.1.0","v17.1.1","v17.1.2","v17.10.0","v17.2.0","v17.3.0","v17.3.1","v17.4.0","v17.5.0","v17.6.0","v17.7.0","v17.8.0","v17.9.0","v18.0.0","v18.0.1","v18.1.0","v18.1.1","v18.2.1","v18.3.0","v18.3.5","v18.4.0","v18.5.0","v18.5.1","v18.6.0","v18.6.2","v18.7.0","v18.8.0","v19.0.0","v19.0.2","v19.1.0","v19.10.0","v19.11.0","v19.11.1","v19.12.0","v19.13.0","v19.14.0","v19.15.0","v19.15.1","v19.15.5","v19.16.0","v19.16.1","v19.16.2","v19.16.3","v19.17.0","v19.18.0","v19.18.1","v19.19.1","v19.2.2","v19.2.3","v19.2.7","v19.20.0","v19.20.1","v19.21.0","v19.22.0","v19.22.1","v19.22.2","v19.23.0","v19.24.0","v19.24.1","v19.24.2","v19.24.4","v19.25.0","v19.25.1","v19.25.2","v19.26.0","v19.26.2","v19.27.0","v19.27.1","v19.27.3","v19.28.0","v19.28.1","v19.28.4","v19.29.0","v19.29.1","v19.29.2","v19.3.0","v19.30.0","v19.30.1","v19.30.2","v19.30.3","v19.30.4","v19.31.2","v19.32.0","v19.32.1","v19.32.2","v19.33.0","v19.34.0","v19.34.2","v19.34.3","v19.35.0","v19.35.1","v19.36.0","v19.36.1","v19.37.0","v19.37.1","v19.37.2","v19.38.0","v19.39.0","v19.4.0","v19.4.1","v19.4.2","v19.40.0","v19.41.0","v19.42.0","v19.42.2","v19.43.0","v19.43.1","v19.43.2","v19.43.3","v19.43.4","v19.44.0","v19.45.0","v19.45.1","v19.45.2","v19.45.5","v19.46.1","v19.46.2","v19.46.3","v19.46.4","v19.46.9","v19.47.0","v19.47.1","v19.48.0","v19.48.2","v19.48.3","v19.49.0","v19.49.2","v19.49.3","v19.49.4","v19.5.0","v19.5.1","v19.5.3","v19.5.4","v19.50.0","v19.51.0","v19.52.0","v19.52.1","v19.53.0","v19.53.1","v19.53.3","v19.53.4","v19.53.5","v19.53.6","v19.53.7","v19.54.0","v19.55.0","v19.55.1","v19.55.2","v19.55.3","v19.56.0","v19.56.1","v19.56.2","v19.6.0","v19.6.1","v19.6.2","v19.6.3","v19.7.0","v19.7.2","v19.7.3","v19.8.0","v19.9.0","v19.9.1","v2.0.0","v2.0.2","v2.1.0","v2.1.1","v2.10.0","v2.10.1","v2.11.0","v2.2.0","v2.3.0","v2.3.1","v2.4.0","v2.5.0","v2.6.0","v2.7.2","v2.8.0","v2.8.1","v2.8.2","v2.8.3","v2.8.4","v2.8.5","v2.8.6","v2.9.0","v2.9.1","v2.9.2","v2.9.3","v2.9.4","v2.9.5","v20.0.0","v20.0.1","v20.0.2","v20.0.3","v20.0.4","v20.0.5","v20.0.6","v20.0.7","v20.0.8","v20.0.9","v20.1.0","v20.1.1","v20.10.0","v20.11.0","v20.11.1","v20.12.0","v20.13.0","v20.13.1","v20.13.2","v20.13.3","v20.13.4","v20.13.5","v20.14.1","v20.14.2","v20.14.3","v20.14.6","v20.14.7","v20.15.0","v20.15.2","v20.15.3","v20.16.0","v20.16.1","v20.16.4","v20.17.0","v20.17.1","v20.17.2","v20.18.0","v20.19.0","v20.19.1","v20.19.2","v20.2.0","v20.2.1","v20.20.0","v20.20.3","v20.20.4","v20.21.0","v20.21.2","v20.22.0","v20.22.1","v20.23.0","v20.23.1","v20.24.0","v20.24.1","v20.24.2","v20.24.3","v20.24.5","v20.25.0","v20.26.0","v20.26.1","v20.27.0","v20.27.1","v20.28.1","v20.28.2","v20.28.3","v20.28.4","v20.29.0","v20.29.1","v20.3.0","v20.3.1","v20.30.0","v20.31.0","v20.31.1","v20.31.2","v20.31.3","v20.32.0","v20.33.0","v20.33.1","v20.33.2","v20.34.0","v20.35.0","v20.36.0","v20.36.1","v20.36.2","v20.37.0","v20.38.0","v20.38.1","v20.38.2","v20.38.3","v20.38.4","v20.38.5","v20.39.0","v20.4.0","v20.4.1","v20.40.0","v20.40.2","v20.41.0","v20.42.0","v20.43.0","v20.44.0","v20.44.1","v20.44.2","v20.44.3","v20.44.4","v20.5.0","v20.5.1","v20.6.0","v20.6.1","v20.7.1","v20.8.0","v20.8.1","v20.8.2","v20.9.0","v20.9.2","v21.0.1","v21.0.10","v21.0.12","v21.0.14","v21.0.15","v21.0.2","v21.0.3","v21.0.4","v21.0.5","v21.0.6","v21.0.8","v21.0.9","v21.1.0","v21.1.2","v21.1.3","v21.1.5","v21.2.0","v22.0.0","v22.1.0","v22.10.0","v22.10.2","v22.10.3","v22.10.4","v22.10.5","v22.11.1","v22.11.11","v22.11.2","v22.11.3","v22.11.4","v22.11.5","v22.11.7","v22.11.8","v22.11.9","v22.12.0","v22.12.1","v22.13.0","v22.13.1","v22.14.10","v22.14.11","v22.14.12","v22.14.13","v22.14.2","v22.14.3","v22.14.4","v22.14.5","v22.14.6","v22.14.7","v22.14.8","v22.14.9","v22.2.0","v22.3.0","v22.3.1","v22.3.2","v22.3.4","v22.3.5","v22.3.6","v22.4.0","v22.5.0","v22.5.1","v22.6.0","v22.6.1","v22.7.0","v22.8.0","v22.8.1","v22.9.1","v23.0.0","v23.0.0-alpha.0","v23.0.0-alpha.1","v23.0.0-alpha.2","v23.0.0-alpha.3","v23.0.0-alpha.4","v23.0.1","v23.0.2","v23.0.3","v23.0.4","v23.0.6","v23.0.7","v23.0.8","v23.0.9","v23.1.0","v23.2.0","v23.3.0","v23.3.1","v23.3.2","v23.3.3","v23.4.0","v23.5.0","v23.5.1","v23.6.0","v24.0.0","v24.0.0-alpha.1","v24.0.0-alpha.10","v24.0.0-alpha.11","v24.0.0-alpha.12","v24.0.0-alpha.13","v24.0.0-alpha.2","v24.0.0-alpha.3","v24.0.0-alpha.4","v24.0.0-alpha.5","v24.0.0-alpha.6","v24.0.0-alpha.7","v24.0.0-alpha.8","v24.0.0-alpha.9","v24.1.0","v24.1.1","v24.1.2","v24.1.3","v24.10.0","v24.11.0","v24.12.0","v24.13.0","v24.13.1","v24.13.2","v24.13.3","v24.13.4-alpha.0","v24.2.0","v24.2.1","v24.3.0","v24.4.0","v24.5.0","v24.5.1","v24.5.2","v24.6.0","v24.6.1","v24.6.2","v24.6.3","v24.6.4","v24.6.5","v24.7.0","v24.8.0","v24.8.1","v24.9.0","v24.9.1","v24.9.2","v24.9.3","v24.9.4","v25.0.0-alpha.1","v25.0.0-alpha.10","v25.0.0-alpha.2","v25.0.0-alpha.3","v25.0.0-alpha.4","v25.0.0-alpha.5","v25.0.0-alpha.6","v25.0.0-alpha.7","v25.0.0-alpha.8","v25.0.0-alpha.9","v28.0.0","v29.30.0","v3.0.0","v3.0.1","v3.0.2","v3.1.0","v3.1.1","v3.1.2","v3.10.0","v3.11.0","v3.12.0","v3.13.0","v3.13.1","v3.14.0","v3.15.0","v3.16.0","v3.16.1","v3.17.0","v3.17.1","v3.18.0","v3.19.0","v3.2.0","v3.20.0","v3.21.0","v3.22.0","v3.22.1","v3.22.2","v3.23.0","v3.24.0","v3.25.0","v3.26.0","v3.26.1","v3.26.2","v3.26.3","v3.27.0","v3.3.0","v3.3.1","v3.4.0","v3.5.0","v3.5.1","v3.5.2","v3.6.0","v3.6.1","v3.6.2","v3.6.3","v3.7.0","v3.8.0","v3.9.0","v4.0.0","v4.1.0","v4.2.0","v4.2.1","v4.2.2","v4.2.3","v4.2.4","v4.2.5","v4.2.6","v5.0.0","v5.0.1","v5.0.2","v5.0.3","v5.1.0","v5.10.0","v5.10.1","v5.10.2","v5.10.3","v5.10.4","v5.10.5","v5.11.0","v5.11.1","v5.11.2","v5.11.3","v5.12.0","v5.12.1","v5.13.0","v5.13.1","v5.14.0","v5.14.1","v5.14.2","v5.15.0","v5.16.0","v5.17.0","v5.17.1","v5.18.0","v5.19.0","v5.19.1","v5.2.0","v5.2.1","v5.20.0","v5.22.1","v5.22.2","v5.23.0","v5.23.1","v5.23.2","v5.24.0","v5.24.1","v5.25.0","v5.25.1","v5.26.0","v5.27.0","v5.28.0","v5.28.1","v5.28.2","v5.29.0","v5.3.0","v5.30.0","v5.31.0","v5.31.1","v5.32.0","v5.32.1","v5.33.0","v5.34.0","v5.34.1","v5.35.0","v5.4.0","v5.4.1","v5.4.2","v5.4.3","v5.4.4","v5.5.0","v5.6.0","v5.6.1","v5.6.2","v5.6.3","v5.7.0","v5.8.0","v5.9.0","v6.0.0","v6.0.1","v6.0.2","v6.0.3","v6.1.0","v6.2.0","v6.3.0","v6.3.1","v6.3.2","v6.3.3","v6.3.4","v6.3.5","v6.4.0","v6.4.1","v6.5.0","v6.5.1","v6.5.2","v6.6.0","v6.6.1","v6.7.0","v6.7.1","v6.7.2","v6.7.3","v6.7.4","v6.7.5","v6.7.6","v6.7.7","v7.0.0","v7.0.1","v7.1.0","v7.10.0","v7.10.1","v7.10.2","v7.10.3","v7.11.0","v7.11.1","v7.11.2","v7.11.3","v7.11.4","v7.12.0","v7.12.1","v7.12.2","v7.13.0","v7.13.1","v7.14.0","v7.14.1","v7.14.2","v7.15.0","v7.15.1","v7.15.2","v7.16.0","v7.17.0","v7.17.1","v7.18.0","v7.18.1","v7.19.0","v7.19.1","v7.2.0","v7.20.0","v7.21.0","v7.22.0","v7.22.1","v7.23.0","v7.23.1","v7.23.2","v7.24.0","v7.24.1","v7.24.2","v7.25.0","v7.26.0","v7.3.0","v7.4.0","v7.5.0","v7.6.0","v7.7.0","v7.8.0","v7.9.0","v8.0.0","v8.1.0","v8.2.0","v8.2.1","v8.3.0","v8.4.0","v8.4.1","v8.5.0","v8.5.1","v8.5.2","v8.5.3","v8.6.0","v8.7.0","v9.0.0","v9.0.1","v9.1.0","v9.2.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39698.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}