CVE-2025-51387
GitKraken · Desktop
GitKraken Desktop versions 10.8.0 and 11.1.0 are vulnerable to code injection due to insecure Electron Fuse configurations, specifically enabling RunAsNode.
Executive summary
GitKraken Desktop 10.8.0 and 11.1.0 ship with the Electron RunAsNode fuse left enabled. Anyone who can launch the GitKraken binary with the environment variable ELECTRON_RUN_AS_NODE=1 set can use it as a plain Node.js runtime and run arbitrary JavaScript, with full Node APIs, under the vendor's signed executable.
Vulnerability
Electron Fuses are build-time switches baked into the Electron binary; they cannot be changed by the application at runtime. The RunAsNode fuse controls whether the binary honours the ELECTRON_RUN_AS_NODE environment variable. It is enabled by default in Electron, and the Electron project recommends disabling it in packaged applications. In the affected GitKraken builds it is left enabled, so setting ELECTRON_RUN_AS_NODE=1 and passing a script path or an -e expression turns the GitKraken executable into a general-purpose Node.js interpreter. The injected code runs with the privileges of the user who launched it, but inside a signed, vendor-trusted process: that is what lets it sidestep application allow-listing and code-signing based trust and, on macOS, inherit any TCC permissions already granted to GitKraken. The attacker must already be able to set an environment variable and execute the binary on the host; the fuse does not expose GitKraken to remote attack on its own.
Business impact
Successful exploitation permits code execution under a trusted, signed binary. An attacker who already has a foothold on the host can use it to evade application allow-listing and EDR rules that trust the GitKraken executable, read the credentials and tokens the user has stored in GitKraken, exfiltrate repository contents, or install persistent backdoors. With a CVSS score of 9.8, this flaw represents a severe risk to organizational security, as it lets attackers bypass host-level controls that key on the identity of the executable. In practice it is a trust-abuse primitive that requires local execution rather than a remotely reachable entry point, which matters when prioritising it against other findings.
Remediation
Immediate Action: Update GitKraken Desktop to the latest version available from the vendor. The fix is a rebuilt binary with RunAsNode disabled; because fuses are baked into the executable, the insecure setting cannot be corrected by configuration on an existing install.
Proactive Monitoring: Review process-creation telemetry for GitKraken executables launched with ELECTRON_RUN_AS_NODE set, or with Node-style arguments (a .js path, -e/--eval, -r/--require, --inspect), and for unexpected child processes of GitKraken. Bear in mind that GitKraken legitimately spawns git and, through its built-in terminal, user shells, so child-process alerts need tuning before they are actionable.
Compensating Controls: Where an Endpoint Detection and Response (EDR) tool can see the process environment as well as the command line, alert on ELECTRON_RUN_AS_NODE=1 for the GitKraken executable. Command-line-only rules cannot see the variable that triggers the behaviour and should key on the argument patterns above instead.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
The severity of this code injection vulnerability necessitates immediate attention. Administrators should prioritize upgrading all instances of GitKraken Desktop to the latest patched version to neutralize the risk of arbitrary code execution.