CVE-2025-24888 Overview
CVE-2025-24888 is a path traversal vulnerability in the SecureDrop Client, a desktop application used by journalists to communicate with sources and work with submissions on the SecureDrop Workstation. This vulnerability allows a malicious SecureDrop Server to achieve code execution on the SecureDrop Client virtual machine (sd-app). The flaw exists in the code responsible for downloading replies, where the filename obtained from the Content-Disposition HTTP header is used to write encrypted reply files to disk without proper path validation before the initial write operation.
Critical Impact
A compromised SecureDrop Server can achieve arbitrary code execution on the SecureDrop Client VM by exploiting improper filename validation during reply downloads, potentially compromising journalist communications and source confidentiality.
Affected Products
- SecureDrop Client versions prior to 0.14.1
- SecureDrop Workstation installations using vulnerable client versions
- Qubes-based SecureDrop deployments with affected sd-app virtual machines
Discovery Timeline
- 2025-02-13 - CVE-2025-24888 published to NVD
- 2026-04-15 - Last updated in NVD database
Technical Details for CVE-2025-24888
Vulnerability Analysis
This vulnerability represents a classic path traversal flaw (CWE-22) that enables remote code execution through an arbitrary file write primitive. The SecureDrop Client application downloads reply files from the SecureDrop Server and uses the filename provided in the HTTP Content-Disposition header to determine where to write the encrypted file on disk.
While the application does implement a safe_move() function that checks for path traversal attempts before moving files to the final storage directory, this validation occurs too late in the process. By the time the path traversal check is performed, the file has already been written to an attacker-controlled location on the filesystem. When safe_move() detects the malicious path and fails, it leaves the original downloaded file in the attacker-specified directory rather than cleaning it up.
An attacker who has compromised a SecureDrop Server can exploit this by crafting a malicious Content-Disposition header containing directory traversal sequences (e.g., ../) to write files outside the intended download directory. Code execution is achieved by writing a malicious autostart file to /home/user/.config/autostart/, which will be executed when the user session starts.
It's important to note that this attack requires prior compromise of the SecureDrop Server itself. A remote attacker posing as a source cannot exploit this vulnerability because filenames are generated and sanitized server-side, and files are transmitted in an encrypted format. The SecureDrop Server has multiple layers of built-in hardening and is only exposed via Tor hidden services.
Root Cause
The root cause of CVE-2025-24888 is that input validation happens too late in the file download process. The vulnerability exists in the SecureDrop Client SDK's file handling code, where the filename from the Content-Disposition header is used directly to write the file to disk without first sanitizing path traversal sequences. The security check implemented in safe_move() is applied only after the file has already been written, creating a time-of-check-time-of-use (TOCTOU) condition. The safe_move() function in utils.py correctly detects path traversal attempts but does not remediate the already-written file, leaving it in place at the attacker-specified location.
Attack Vector
The attack requires network access and a previously compromised SecureDrop Server. An attacker who has gained control of the SecureDrop Server can craft HTTP responses with malicious Content-Disposition headers containing path traversal sequences. When the SecureDrop Client downloads a reply, the attacker-controlled filename causes the encrypted file to be written to an arbitrary location on the sd-app virtual machine filesystem. By targeting the autostart directory at /home/user/.config/autostart/, the attacker can achieve persistent code execution within the isolated VM environment. The attack complexity is considered high due to the prerequisite of server compromise, though no user interaction is required once the server is compromised.
For technical implementation details, refer to the GitHub Security Advisory GHSA-6c3p-chq6-q3j2 and the vulnerable SDK code.
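A check-then-write download routine, added here as an example that is not SecureDrop's own code: the filename taken from the Content-Disposition header is validated against the download directory before any bytes reach disk, which is the ordering the fix restores. The header parser, function names and the download directory are assumptions.

```python
import os
import re
from pathlib import Path

# Minimal parser for the filename= parameter of a Content-Disposition header
# (assumed format; RFC 6266 filename*= encoded parameters are not handled).
_FILENAME_RE = re.compile(r'filename="?([^";]+)"?')


def filename_from_content_disposition(header: str) -> str:
    """Extract the filename parameter, or raise if the header has none."""
    m = _FILENAME_RE.search(header)
    if not m:
        raise ValueError("no filename in Content-Disposition")
    return m.group(1).strip()


def safe_reply_path(download_dir: Path, filename: str) -> Path:
    """Return download_dir/filename only if it cannot escape download_dir.

    Names containing separators or '..', absolute paths and hidden names are
    rejected, then the resolved target is checked to sit directly inside
    download_dir. Nothing is written before this returns.
    """
    if not filename or filename in (".", ".."):
        raise ValueError(f"empty or relative filename rejected: {filename!r}")
    if "/" in filename or "\\" in filename or os.path.isabs(filename):
        raise ValueError(f"filename contains path components: {filename!r}")
    if filename.startswith("."):
        raise ValueError(f"hidden filename rejected: {filename!r}")
    base = download_dir.resolve()
    target = (base / filename).resolve()  # also follows any pre-existing symlink
    if target.parent != base:
        raise ValueError(f"path escapes download directory: {target}")
    return target


def download_reply(download_dir: Path, content_disposition: str, body: bytes) -> Path:
    """Check-then-write: validate the server-supplied name before the first write."""
    name = filename_from_content_disposition(content_disposition)
    target = safe_reply_path(download_dir, name)  # raises before anything touches disk
    download_dir.mkdir(parents=True, exist_ok=True)
    target.write_bytes(body)
    return target
```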
Detection Methods for CVE-2025-24888
Indicators of Compromise
- Unexpected files appearing in /home/user/.config/autostart/ directory within the sd-app VM
- Anomalous file write operations outside the standard SecureDrop Client data directories
- Modified or new .desktop files in user autostart directories with unknown or suspicious commands
- Log entries showing safe_move() failures with path traversal error messages
Detection Strategies
- Monitor file system activity in the sd-app virtual machine for writes to sensitive directories like /home/user/.config/autostart/
- Implement file integrity monitoring (FIM) on the SecureDrop Workstation to detect unauthorized changes to system and user configuration directories
- Review SecureDrop Client logs for path traversal detection errors from the safe_move() function indicating attempted exploitation
- Audit downloaded reply filenames in SecureDrop Client logs for suspicious patterns containing ../ or absolute paths
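The log-audit and autostart checks from the list above, as an added example that is not from the SecureDrop project. The log line shape, the field names and the sample lines are constructed assumptions, so the regular expressions need adjusting to the real client log format.

```python
import re
from pathlib import Path

# Sequences that must never appear in a server-supplied reply filename:
# '..' as a path component, a leading slash or drive letter, or URL-encoded dots.
TRAVERSAL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)|^/|^[A-Za-z]:\\|%2e%2e", re.I)
# Assumed log shape (constructed, not the real client format): ... filename="<name>"
FILENAME_RE = re.compile(r'filename="([^"]*)"')
SAFE_MOVE_RE = re.compile(r"safe_move.*(traversal|outside)", re.I)


def audit_log_lines(lines):
    """Return (line_number, reason, line) for each suspicious client log line."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = FILENAME_RE.search(line)
        if m and TRAVERSAL_RE.search(m.group(1)):
            hits.append((n, "traversal or absolute path in reply filename", line))
        elif SAFE_MOVE_RE.search(line):
            hits.append((n, "safe_move() rejected a path", line))
    return hits


def audit_autostart_dir(autostart_dir: Path, known_ok=frozenset()):
    """List every autostart entry not on the allowlist, with its Exec= line if any."""
    findings = []
    if not autostart_dir.is_dir():
        return findings
    for entry in sorted(autostart_dir.iterdir()):
        if entry.name in known_ok:
            continue
        exec_line = ""
        if entry.is_file() and entry.suffix == ".desktop":
            for text_line in entry.read_text(errors="replace").splitlines():
                if text_line.startswith("Exec="):
                    exec_line = text_line
                    break
        findings.append((entry.name, exec_line))
    return findings


# Constructed sample log lines for a dry run; not real securedrop-client output.
SAMPLE_LOG = [
    '2025-02-13 10:00:01 INFO downloading reply filename="3-bright_ox-reply.gpg"',
    '2025-02-13 10:00:02 INFO downloading reply filename="../../.config/autostart/x.desktop"',
    '2025-02-13 10:00:02 ERROR safe_move failed: path traversal detected',
    '2025-02-13 10:00:05 INFO downloading reply filename="/home/user/.config/autostart/y.desktop"',
]
```

Run audit_autostart_dir against Path("/home/user/.config/autostart") inside sd-app with the entries you expect on the allowlist; anything returned is worth a look.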
Monitoring Recommendations
- Configure real-time alerting for any file creation events in the sd-app VM autostart directory
- Implement network monitoring on the SecureDrop Server to detect potential compromise indicators that could precede client exploitation
- Regularly audit the integrity of the SecureDrop Server infrastructure as server compromise is a prerequisite for this attack
- Enable verbose logging on SecureDrop Client installations to capture file operation details for forensic analysis
How to Mitigate CVE-2025-24888
Immediate Actions Required
- Upgrade SecureDrop Client to version 0.14.1 or later immediately to patch the path traversal vulnerability
- Review the sd-app virtual machine for any unexpected files in /home/user/.config/autostart/ and remove suspicious entries
- Audit SecureDrop Server infrastructure for signs of compromise as this attack requires a compromised server
- Consider rebuilding the sd-app VM from a known-good template if exploitation is suspected
Patch Information
Freedom of the Press Foundation has released version 0.14.1 of the SecureDrop Client which addresses this vulnerability. The fix ensures proper filename sanitization occurs before any file write operations, preventing path traversal attacks. The security patch can be reviewed in the commit log. Organizations should update their SecureDrop Workstation installations following the standard update procedures documented by the SecureDrop project.
Workarounds
- No official workarounds are available; upgrading to version 0.14.1 is the recommended remediation
- Temporarily disable reply downloading functionality if immediate patching is not possible, though this significantly impacts SecureDrop usability
- Implement additional access controls on the autostart directory within the sd-app VM as a defense-in-depth measure
- Increase monitoring and auditing of the SecureDrop Server to detect compromise attempts before client exploitation can occur
# Verify SecureDrop Client version
# Ensure version is 0.14.1 or later
securedrop-client --version
# Check for suspicious autostart entries in sd-app VM
ls -la /home/user/.config/autostart/
# List autostart files modified more recently than the client log,
# which surfaces entries written during a recent download session
find /home/user/.config/autostart/ -type f -newer /var/log/securedrop-client.log
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.