CVE-2025-46334 Overview
CVE-2025-46334 is a command injection vulnerability in Git GUI, the graphical user interface tool for Git source control management. The vulnerability stems from an unsafe executable search path behavior in Tcl on Windows, where the current working directory is always included in the search path when looking for executables. This allows a malicious repository to include rogue versions of sh.exe or typical textconv filter programs such as astextplain, which are then executed when a user selects "Git Bash" or "Browse Files" from the Git GUI menu.
Critical Impact
Attackers can achieve arbitrary code execution with the privileges of the current user by crafting a malicious Git repository containing weaponized executables that masquerade as legitimate system utilities.
Affected Products
- Git GUI versions prior to 2.43.7
- Git GUI versions 2.44.x prior to 2.44.4
- Git GUI versions 2.45.x prior to 2.45.4
- Git GUI versions 2.46.x prior to 2.46.4
- Git GUI versions 2.47.x prior to 2.47.3
- Git GUI versions 2.48.x prior to 2.48.2
- Git GUI versions 2.49.x prior to 2.49.1
- Git GUI versions 2.50.x prior to 2.50.1
Discovery Timeline
- 2025-07-10 - CVE-2025-46334 published to NVD
- 2025-11-04 - Last updated in NVD database
Technical Details for CVE-2025-46334
Vulnerability Analysis
This vulnerability is classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command), commonly known as Command Injection. The flaw exists because of an architectural design issue in how Tcl handles executable lookups on Windows systems. When Git GUI attempts to invoke external programs like sh.exe or textconv filters, Tcl's implementation includes the current working directory in the executable search path before checking standard system paths.
When a user opens a malicious repository in Git GUI and triggers certain menu actions, the application searches for required executables starting from the repository's root directory. An attacker who controls the repository can place a malicious executable (such as a trojanized sh.exe or astextplain) in the repository root, which will be executed instead of the legitimate system utility.
Root Cause
The root cause is the unfortunate design decision in Tcl on Windows where the executable search path always includes the current working directory. Combined with Git GUI's reliance on external programs for certain operations, this creates a scenario where user-controlled directories (such as cloned repositories) can influence which executables are invoked. The vulnerability specifically manifests when:
- A user clones or opens a malicious repository
- The user navigates to Git GUI menu options like "Git Bash" or "Browse Files"
- Git GUI invokes external programs without specifying absolute paths
- Tcl's search path resolution finds and executes the attacker-controlled binary
Attack Vector
The attack vector is local: the victim must clone a malicious Git repository and interact with it using Git GUI. The attacker prepares a repository containing malicious executables named after programs that Git GUI invokes, such as sh.exe or astextplain. When the victim opens this repository in Git GUI and uses features that trigger external program execution, the malicious binaries run with the user's privileges.
The attack is effective because it exploits a trusted workflow: developers routinely clone repositories and use GUI tools to browse them. Since the malicious executables reside within what appears to be a normal repository, they may evade casual inspection.
Detection Methods for CVE-2025-46334
Indicators of Compromise
- Presence of unexpected sh.exe, astextplain, or other executable files in the root directory of Git repositories
- Execution of processes from repository working directories rather than system paths (e.g., C:\Windows\System32 or Git installation directories)
- Process execution chains showing git-gui spawning suspicious child processes from non-standard locations
- Unusual network connections or system modifications following Git GUI usage
Detection Strategies
- Monitor for executable file creation events within Git repository directories, particularly files matching known Git utility names
- Implement application allowlisting to prevent execution of binaries from user-writable directories
- Deploy endpoint detection rules to alert on Git GUI spawning processes from the current working directory rather than expected system paths
- Scan repositories upon cloning for executable files that match names of commonly invoked Git utilities
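The detection rule described above (Git GUI spawning a child process from its working directory rather than an expected system path), written out as an added example that is not code from the advisory or from the Git project. The process-creation records are constructed Sysmon-style fields; the parent image names (wish.exe, git-gui.exe), the trusted directories and the file paths are assumptions for illustration.

```python
"""Flag Git GUI child processes launched from a repository working directory.

Added example, not code from the advisory or from the Git project. The
events below are constructed, Sysmon-style process-creation records; the
parent image names and trusted directories are assumptions for illustration.
"""
from dataclasses import dataclass
from pathlib import PureWindowsPath
from typing import List, Optional, Tuple

# Images under which Git GUI is assumed to run (git-gui is a Tcl/Tk script,
# so the parent is normally the Tcl/Tk interpreter wish.exe).
GIT_GUI_PARENTS = {"wish.exe", "git-gui.exe"}

# Locations from which Git GUI is expected to launch its helpers (assumed).
TRUSTED_DIRS = [r"C:\Windows\System32", r"C:\Program Files\Git"]

# Helper names the advisory lists as hijack candidates.
WATCHED_NAMES = {"sh.exe", "astextplain", "astextplain.exe"}


@dataclass
class ProcessEvent:
    parent_image: str       # full path of the parent process image
    image: str              # full path of the new process image
    current_directory: str  # working directory of the new process


def _norm(path: str) -> str:
    """Normalise a Windows path for case-insensitive prefix comparison."""
    return str(PureWindowsPath(path)).lower().rstrip("\\")


def is_under(path: str, root: str) -> bool:
    """True when *path* is located inside directory *root*."""
    return _norm(path).startswith(_norm(root) + "\\")


def classify(ev: ProcessEvent) -> Optional[str]:
    """Return an alert reason for a suspicious git-gui child, else None."""
    if PureWindowsPath(ev.parent_image).name.lower() not in GIT_GUI_PARENTS:
        return None                      # not spawned by Git GUI
    if any(is_under(ev.image, d) for d in TRUSTED_DIRS):
        return None                      # helper came from an expected location
    name = PureWindowsPath(ev.image).name.lower()
    if is_under(ev.image, ev.current_directory):
        # The Tcl search path picked up a binary from the repository itself.
        return f"{name} launched from the working directory {ev.current_directory}"
    if name in WATCHED_NAMES:
        return f"{name} launched from untrusted location {ev.image}"
    return None


def scan(events: List[ProcessEvent]) -> List[Tuple[int, str]]:
    """Run classify() over a batch and return (event index, reason) pairs."""
    return [(i, r) for i, ev in enumerate(events) if (r := classify(ev))]


# Constructed sample telemetry: one benign launch, one sh.exe resolved from
# the repository, one unrelated parent, and one helper from an odd location.
SAMPLE_EVENTS = [
    ProcessEvent(r"C:\Program Files\Git\mingw64\bin\wish.exe",
                 r"C:\Program Files\Git\usr\bin\sh.exe",
                 r"C:\Users\dev\src\project"),
    ProcessEvent(r"C:\Program Files\Git\mingw64\bin\wish.exe",
                 r"C:\Users\dev\src\cloned-repo\sh.exe",
                 r"C:\Users\dev\src\cloned-repo"),
    ProcessEvent(r"C:\Windows\explorer.exe",
                 r"C:\Users\dev\src\cloned-repo\sh.exe",
                 r"C:\Users\dev\src\cloned-repo"),
    ProcessEvent(r"C:\Program Files\Git\mingw64\bin\wish.exe",
                 r"C:\Users\dev\AppData\Local\Temp\astextplain.exe",
                 r"C:\Users\dev\src\project"),
]

if __name__ == "__main__":
    for idx, reason in scan(SAMPLE_EVENTS):
        print(f"ALERT event {idx}: {reason}")
```

Only the second and fourth constructed events produce alerts: the first resolves sh.exe from the Git installation, and the third has a parent that is not Git GUI. In a real deployment the trusted directory list should be populated from the endpoint's actual Git installation path, and the parent image check should match however Git GUI is launched in that environment.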
Monitoring Recommendations
- Enable process creation auditing on Windows endpoints to track parent-child process relationships involving Git GUI
- Configure SentinelOne behavioral AI to detect anomalous process execution patterns from Git repository paths
- Establish baseline profiles for normal Git GUI behavior and alert on deviations
- Monitor file system activity in repository directories for newly created executable files
How to Mitigate CVE-2025-46334
Immediate Actions Required
- Update Git GUI to a patched version: 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1 or 2.50.1, or a later release of the same branch
- Audit existing cloned repositories for suspicious executable files in root directories
- Educate developers about the risks of cloning repositories from untrusted sources
- Consider temporarily restricting Git GUI usage until patches are applied
Patch Information
Security patches have been released across multiple Git version branches. The fix addresses the executable search path behavior to prevent current directory lookups. Detailed patch changes can be reviewed in the GitHub Comparison Overview. Additional vulnerability details are available in the GitHub Security Advisory GHSA-7px4-9hg2-fvhx and the Openwall OSS-Security Discussion.
Workarounds
- Avoid using Git GUI to open repositories from untrusted or unknown sources until patches are applied
- Use command-line Git instead of Git GUI for interactions with potentially untrusted repositories
- Implement repository scanning policies to detect and block repositories containing suspicious executables in root directories
- Configure Windows application control policies to prevent execution of binaries from common repository storage locations
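A repository-root audit of the kind called for under Immediate Actions ("Audit existing cloned repositories for suspicious executable files in root directories") and Workarounds ("Implement repository scanning policies"), as an added example that is not code from the advisory or the Git project. The helper names come from the advisory; the executable-extension list and the sample repository layout, built in a temporary directory so the script runs offline, are constructed for illustration.

```python
"""Audit a cloned repository's root for files that could shadow Git GUI helpers.

Added example, not code from the advisory or the Git project. The sample
repository is constructed in a temporary directory so the script runs offline.
"""
import tempfile
from pathlib import Path
from typing import List, Optional

# Helper names from the advisory, compared without extension.
WATCHED_NAMES = {"sh", "astextplain"}
# Extensions Windows launches directly (assumed, illustrative list).
EXEC_SUFFIXES = {".exe", ".com", ".bat", ".cmd", ".ps1"}


def classify_file(entry: Path) -> Optional[str]:
    """Return a finding for one root-level file, or None if it looks harmless."""
    suffix = entry.suffix.lower()
    base = entry.stem.lower() if suffix in EXEC_SUFFIXES else entry.name.lower()
    if base in WATCHED_NAMES:
        return f"{entry.name}: name collides with a Git GUI helper"
    if suffix in EXEC_SUFFIXES:
        return f"{entry.name}: executable in repository root"
    with entry.open("rb") as fh:
        if fh.read(2) == b"MZ":           # PE header behind a harmless-looking name
            return f"{entry.name}: PE image without executable extension"
    return None


def scan_repo_root(root: Path) -> List[str]:
    """Check only the repository root: that is the working directory from which
    the Tcl search path resolves helper names. Subdirectories are skipped."""
    findings = []
    for entry in sorted(root.iterdir()):
        if entry.is_file():
            finding = classify_file(entry)
            if finding:
                findings.append(finding)
    return findings


def build_and_scan_sample_repo() -> List[str]:
    """Create a constructed repository layout and return the scan findings."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "README.md").write_text("# demo project\n")
        (root / "sh.exe").write_bytes(b"MZ\x90\x00constructed-pe-stub")
        (root / "astextplain").write_text("#!/bin/sh\n# constructed placeholder\n")
        (root / "CHANGELOG").write_bytes(b"MZ\x90\x00constructed-pe-stub")
        (root / "src").mkdir()
        (root / "src" / "tool.exe").write_bytes(b"MZ")   # not in root, not flagged
        return scan_repo_root(root)


if __name__ == "__main__":
    for line in build_and_scan_sample_repo():
        print("FINDING", line)
```

Run against the constructed layout, the scan reports sh.exe and astextplain by name and CHANGELOG by its PE header, and ignores README.md and the executable in the src subdirectory. Wiring scan_repo_root into a post-clone hook or an endpoint policy gives the "scan repositories upon cloning" control a concrete check to run.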
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.


