CVE-2020-24972

Name of the Vulnerable Software and Affected Versions GnuPG Kleopatra versions prior to 3.1.12 GnuPG Kleopatra versions prior to 20.07.80

Description The issue allows remote attackers to execute arbitrary code due to the unsafe handling of command-line options when supporting openpgp4fpr: URLs. Specifically, the Qt platformpluginpath command-line option can be used to load an arbitrary DLL, leading to code execution. A proof-of-concept for local code execution has been demonstrated using the --query option and the -platformpluginpath option to load a DLL from a shared directory.

Recommendations For versions prior to 3.1.12, update to version 3.1.12 or later. For versions prior to 20.07.80, update to version 20.07.80 or later. As a temporary workaround, consider restricting the use of the --query option and the -platformpluginpath command-line option until a patch is available. Avoid using the -platformpluginpath option to load DLLs from untrusted sources until the issue is resolved.