CVE-2023-37466 Overview
CVE-2023-37466 is a critical sandbox escape vulnerability in vm2, an advanced vm/sandbox library for Node.js. The library contains critical security issues that allow attackers to bypass Promise handler sanitization using the @@species accessor property, enabling escape from the sandbox to execute arbitrary code. This vulnerability potentially allows remote code execution inside the context of the vm2 sandbox.
Important: The maintenance of the vm2 project has been discontinued, and the library should not be used for production environments.
Critical Impact
Attackers can escape the vm2 sandbox through Promise handler sanitization bypass, enabling arbitrary code execution on systems running vulnerable versions. Given that vm2 is commonly used to execute untrusted code in isolated environments, this vulnerability completely undermines the security model of the sandbox.
Affected Products
- vm2 versions up to 3.9.19
- Node.js applications utilizing vm2 for sandboxed code execution
- Any system relying on vm2 for security isolation of untrusted JavaScript code
Discovery Timeline
- 2023-07-14 - CVE-2023-37466 published to NVD
- 2026-01-05 - Last updated in NVD database
Technical Details for CVE-2023-37466
Vulnerability Analysis
This vulnerability is classified as Code Injection (CWE-94) and represents a fundamental flaw in how vm2 sanitizes Promise handlers. The @@species accessor property in JavaScript allows objects to specify which constructor should be used when creating derived objects. In the context of vm2, this mechanism can be exploited to bypass the sandbox's Promise handler sanitization, giving attackers a pathway from the sandboxed environment to the host system.
The vulnerability allows network-based attacks without requiring any privileges or user interaction, and the scope is changed, meaning exploitation can affect resources beyond the vulnerable component. This makes it particularly dangerous for applications that use vm2 to execute user-supplied or untrusted JavaScript code.
Root Cause
The root cause lies in incomplete sanitization of the Promise object within the vm2 sandbox environment. The @@species accessor property (Symbol.species) was not properly handled, creating a bypass mechanism that allows sandboxed code to access objects and functionality outside the intended isolation boundary. The Promise object was exposed in the sandbox's setup-sandbox.js without adequate protection against species-based escape techniques.
Attack Vector
An attacker can craft malicious JavaScript code that exploits the @@species accessor property on Promise objects to break out of the vm2 sandbox. By manipulating how derived Promise instances are created, the attacker can access the host system's global context and execute arbitrary code outside the sandboxed environment. This attack vector is particularly concerning because:
- It requires no authentication or special privileges
- It can be executed remotely via any interface that accepts untrusted JavaScript for vm2 execution
- The sandbox escape provides full access to the Node.js host environment
// Security patch in lib/bridge.js - adds isProxy detection
const thisThrowOnKeyAccessHandler = thisObjectFreeze({
__proto__: null,
get(target, key, receiver) {
if (key === 'isProxy') return true;
if (typeof key === 'symbol') {
key = thisReflectApply(thisSymbolToString, key, []);
}
throw new VMError(`Unexpected access to key '${key}'`);
}
});
const emptyFrozenObject = thisObjectFreeze({
__proto__: null
});
const thisThrowOnKeyAccess = new ThisProxy(emptyFrozenObject, thisThrowOnKeyAccessHandler);
function SafeBase() {}
Source: GitHub Commit Reference
Detection Methods for CVE-2023-37466
Indicators of Compromise
- Unexpected process spawning or system command execution originating from Node.js applications using vm2
- Unusual network connections initiated from sandboxed execution contexts
- File system access or modifications from processes that should be sandboxed
- Memory access patterns indicating sandbox escape attempts through Promise manipulation
Detection Strategies
- Monitor for anomalous behavior in Node.js applications that utilize vm2, particularly unexpected child process creation or network activity
- Implement runtime application self-protection (RASP) to detect attempts to access objects outside the sandbox context
- Review application logs for JavaScript execution errors related to Promise or Symbol.species operations
- Deploy SentinelOne's behavioral AI to detect post-exploitation activity following a sandbox escape
Monitoring Recommendations
- Audit all applications in your environment that depend on the vm2 package using npm audit or yarn audit
- Implement comprehensive logging for all code executed within vm2 sandboxes
- Enable SentinelOne's Deep Visibility to monitor process trees and detect unauthorized code execution
How to Mitigate CVE-2023-37466
Immediate Actions Required
- Immediately upgrade vm2 to version 3.10.0 or later if continued use is necessary
- Strongly consider migrating away from vm2 entirely as the project has been discontinued
- Audit all applications that use vm2 and assess whether untrusted code execution is a feature
- Implement additional defense-in-depth measures such as containerization for any workloads that must execute untrusted JavaScript
Patch Information
The vulnerability is addressed in vm2 version 3.10.0. The patch modifies lib/bridge.js to add proxy detection and fixes the lib/setup-sandbox.js to remove the exposed local Promise object. The fix introduces an isProxy check in the key access handler and corrects the spelling of emptyFrozenObject while removing the direct Promise exposure from the sandbox global context.
Key changes from the GitHub Commit:
// Security patch in lib/setup-sandbox.js - removes Promise from exposed globals
Proxy: LocalProxy,
WeakMap: LocalWeakMap,
Function: localFunction,
eval: localEval
} = global;
Source: GitHub Commit Reference
Workarounds
- Migrate to alternative sandboxing solutions such as isolated-vm, which uses V8 isolates for stronger security guarantees
- Run vm2-dependent applications in containerized environments with strict resource and network restrictions
- Implement strict input validation to prevent execution of untrusted JavaScript code entirely
- Consider using WebAssembly-based sandboxing for executing untrusted code if JavaScript execution is required
# Check if vm2 is installed and identify version
npm list vm2
# Upgrade to patched version if continued use is necessary
npm update vm2@3.10.0
# Alternative: Remove vm2 and migrate to isolated-vm
npm uninstall vm2
npm install isolated-vm
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
