Unknown · Pyinstaller · CVE-2025-59042
Name of the Vulnerable Software and Affected Versions:
PyInstaller versions prior to 6.0.0
Description:
PyInstaller packages a Python application and its dependencies into a single executable. During the bootstrap of a frozen application built with PyInstaller versions prior to 6.0.0, the bootstrap code appends a specially formed entry (one containing a `?` character, which is not a real directory) to `sys.path`, and then attempts to import an optional module used for bytecode decryption. When the application was built with bytecode encryption disabled, that module is not present in the frozen archive, so Python's standard path-based import machinery falls through to searching every `sys.path` entry on the filesystem, including the appended one. An unprivileged attacker who can create files and directories in the same directory as the executable, on a filesystem that permits `?` in filenames (typical Linux and macOS filesystems; Windows NTFS does not allow it), can therefore create a directory whose name matches that entry and place a module of the expected name inside it. The bootstrap then imports and executes the attacker's Python code with the privileges of the running application, which amounts to privilege escalation when the executable runs with elevated privileges.
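The following script is an added example, not code from PyInstaller or from the advisory, that reduces the mechanism described above to plain Python so it can be run and observed outside a frozen application. It mimics a bootstrap that appends a `<executable>?<offset>` entry to `sys.path` and then tolerates the absence of an optional module, plants the attacker's directory next to the executable, and shows that the second bootstrap run imports the planted module. The module name `optional_crypto_key`, the offset `1234` and the file names are hypothetical; the real bootstrap's identifiers are not given on this page. Two defender-side checks are included: one that looks for sibling directories named after the executable plus `?`, and one that tests the precondition the recommendations below rely on, namely that the executable's directory is not writable by other users. It assumes a filesystem that allows `?` in names, so it will not run on Windows.

```python
"""Import-path hijack via a non-directory sys.path entry, reduced to plain Python.
Names, offset and payload are hypothetical (example code, not PyInstaller's)."""
import importlib
import os
import stat
import sys
import tempfile

OPTIONAL_MODULE = "optional_crypto_key"   # hypothetical; not the real bootstrap's name
ARCHIVE_OFFSET = 1234                      # hypothetical offset into the executable


def bootstrap_import(optional_module):
    """Mimic a bootstrap that tolerates the optional module being absent.
    If no frozen importer provides it, Python's PathFinder walks every
    sys.path entry, including ones never meant to be directories."""
    try:
        mod = importlib.import_module(optional_module)
    except ImportError:
        return None
    return getattr(mod, "key", None)


def run_frozen_bootstrap(exe_path, offset):
    """Mimic the bootstrap step: append '<exe>?<offset>' to sys.path, then try
    the optional import. Import caches are reset so each call behaves like a
    fresh process start, and sys.path is restored afterwards."""
    entry = f"{exe_path}?{offset}"
    saved = list(sys.path)
    sys.path.append(entry)
    sys.modules.pop(OPTIONAL_MODULE, None)
    sys.path_importer_cache.pop(entry, None)
    importlib.invalidate_caches()
    try:
        return bootstrap_import(OPTIONAL_MODULE)
    finally:
        sys.path[:] = saved
        sys.modules.pop(OPTIONAL_MODULE, None)
        sys.path_importer_cache.pop(entry, None)


def plant_hijack_dir(exe_path, offset, module_name):
    """Attacker side: create a directory whose name equals the sys.path entry
    and drop the optional module into it. Any code in that file runs at import
    time; here it only sets a marker value. Needs a filesystem that allows '?'
    in names (Linux/macOS); NTFS rejects it."""
    hijack_dir = f"{exe_path}?{offset}"
    os.makedirs(hijack_dir)
    with open(os.path.join(hijack_dir, module_name + ".py"), "w") as f:
        f.write("key = b'attacker-controlled'\n")
    return hijack_dir


def find_hijack_dirs(exe_path):
    """Defender side: list sibling directories named '<exe basename>?...'."""
    parent, base = os.path.split(exe_path)
    return sorted(
        os.path.join(parent, n) for n in os.listdir(parent)
        if n.startswith(base + "?") and os.path.isdir(os.path.join(parent, n))
    )


def dir_writable_by_others(path):
    """Defender side: the attack precondition is that someone other than the
    owner can create entries in the executable's directory."""
    mode = os.stat(path).st_mode
    return bool(mode & (stat.S_IWGRP | stat.S_IWOTH))


def demo():
    """Run the scenario end to end in a throwaway directory (constructed input)."""
    with tempfile.TemporaryDirectory() as d:        # created with mode 0o700
        exe = os.path.join(d, "app")
        open(exe, "wb").close()                     # stand-in for the frozen executable
        clean = run_frozen_bootstrap(exe, ARCHIVE_OFFSET)      # nothing to import
        hijacks_before = len(find_hijack_dirs(exe))            # nothing planted yet
        tight_perms = not dir_writable_by_others(d)            # attack precondition absent
        plant_hijack_dir(exe, ARCHIVE_OFFSET, OPTIONAL_MODULE)
        hijacked = run_frozen_bootstrap(exe, ARCHIVE_OFFSET)   # attacker's module imported
        hijacks_after = len(find_hijack_dirs(exe))             # planted directory detected
        os.chmod(d, 0o777)
        loose_perms = dir_writable_by_others(d)                # precondition now present
        return clean, hijacked, hijacks_before, hijacks_after, tight_perms, loose_perms


if __name__ == "__main__":
    print(demo())
```

The first bootstrap run returns `None` because the path entry does not exist and the import quietly fails; after the attacker creates the matching directory, the identical bootstrap run returns the planted value, which is exactly the point: the application's own tolerance for a missing optional module turns a writable directory next to the executable into arbitrary code execution.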
Recommendations:
Rebuild affected applications with PyInstaller 6.0.0 or later. Version 6.0.0 removed the bytecode encryption feature, so the bootstrap no longer attempts to import an optional decryption module and the attack vector is eliminated. Upgrading the PyInstaller installation alone does not change executables that were already built; each must be rebuilt with the fixed version.
If rebuilding is not feasible, ensure that the directory containing a security-sensitive executable is writable only by the account that owns the executable, so that unprivileged users cannot create files or directories alongside it. Installing the executable in a directory that is not writable by less-privileged users removes the precondition for the attack.