PT-2022-13939 · Gruntjs+3

Vladikoff · Published 2022-05-10 · Updated 2023-04-05 · CVE-2022-1537

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

GruntJS versions prior to 1.5.3

Description

The issue concerns a TOCTOU (Time-of-Check-to-Time-of-Use) race condition in file.copy operations. This can lead to arbitrary file writes, potentially resulting in local privilege escalation if a lower-privileged user has write access to both source and destination directories. For instance, a lower-privileged user could create a symlink to the GruntJS user's .bashrc file or replace the /etc/shadow file if the GruntJS user has root privileges.

Recommendations

For versions prior to 1.5.3, update to version 1.5.3 or later to resolve the issue. As a temporary workaround, consider restricting write access to source and destination directories to prevent exploitation. Additionally, monitor file system changes and access logs to detect potential malicious activity.
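
The race described above exists when a path is checked in one step and acted on in another. As an added example (not GruntJS code and not its 1.5.3 patch), this Node.js routine copies a file with the type check made on an open descriptor and refuses a symlink at the source or destination. The function name copyNoFollow, the file names and the temp-directory demo are constructed for illustration.

```javascript
// Added example: not GruntJS code and not its 1.5.3 patch.
const fs = require('fs');
const os = require('os');
const path = require('path');
const { O_RDONLY, O_WRONLY, O_CREAT, O_TRUNC, O_NOFOLLOW } = fs.constants;

// Copy src to dest with no gap between check and use: the file type is
// checked on the already-open descriptor, and O_NOFOLLOW makes open() fail
// if the final path component is a symlink. Parent directories are not
// covered, so restricting write access to them is still needed.
function copyNoFollow(src, dest) {
  const inFd = fs.openSync(src, O_RDONLY | O_NOFOLLOW);
  let outFd;
  try {
    if (!fs.fstatSync(inFd).isFile()) {
      throw new Error(`refusing to copy non-regular file: ${src}`);
    }
    outFd = fs.openSync(dest, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0o600);
    const buf = Buffer.alloc(64 * 1024);
    let n;
    while ((n = fs.readSync(inFd, buf, 0, buf.length, null)) > 0) {
      let off = 0;
      while (off < n) off += fs.writeSync(outFd, buf, off, n - off);
    }
  } finally {
    if (outFd !== undefined) fs.closeSync(outFd);
    fs.closeSync(inFd);
  }
}

// Constructed demo in a temp directory: the destination path is a symlink
// to a file standing in for one the build user must not overwrite.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'copy-nofollow-'));
  const src = path.join(dir, 'src.txt');
  const guarded = path.join(dir, 'guarded.txt');
  const link = path.join(dir, 'dest-link');
  const plain = path.join(dir, 'dest.txt');
  fs.writeFileSync(src, 'build output\n');
  fs.writeFileSync(guarded, 'original\n');
  fs.symlinkSync(guarded, link);
  let refused = null;
  try { copyNoFollow(src, link); } catch (e) { refused = e.code; }
  copyNoFollow(src, plain); // a regular destination still works
  const out = { refused, guarded: fs.readFileSync(guarded, 'utf8'),
                copied: fs.readFileSync(plain, 'utf8') };
  fs.rmSync(dir, { recursive: true, force: true });
  return out;
}
```

Calling demo() returns the error code from the refused symlink destination together with the contents of the guarded file and of the regular copy.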

Exploit

Fix

LPE

Time Of Check To Time Of Use

Weakness Enumeration

Related Identifiers

AZL-44082
CVE-2022-1537
DLA-3383-1
GHSA-RM36-94G8-835R
USN-5847-1

Affected Products

Astra Linux
Gruntjs
Linuxmint
Ubuntu