CVE-2023-29017: Critical vm2 Sandbox Escape Leads to Host RCE
- [01] Attackers can achieve full host code execution by bypassing isolation in the widely used vm2 Node.js library.
- [02] The vulnerability impacts all versions of vm2 up to 3.9.14 when processing untrusted JavaScript code.
- [03] Developers must update the vm2 library to version 3.9.15 immediately to remediate this critical security flaw.
The vm2 library is a prominent Node.js module designed to execute untrusted code within a secure, isolated environment. With millions of weekly downloads, it is a foundational component for many platforms that allow users to run custom scripts or perform server-side data processing. However, the discovery of CVE-2023-29017 has highlighted a severe flaw in this isolation mechanism. According to Bleeping Computer, this CVE allows a remote attacker to escape the sandbox and execute arbitrary commands on the underlying host system, carrying a maximum CVSS score of 10.0.
Technical Analysis of CVE-2023-29017 Sandbox Escape
The vulnerability, discovered by security researcher SeungHyun Lee, resides in the way vm2 handles the Error.prepareStackTrace property when an asynchronous error occurs. In a standard Node.js environment, Error.prepareStackTrace is a function that can be customized to format stack traces. The vm2 library attempts to wrap and proxy various global objects to prevent them from leaking host-side functionality to the sandboxed code.
However, by specifically manipulating how asynchronous errors are triggered, an attacker can bypass these proxy protections. The exploit involves overwriting the prepareStackTrace method and triggering an error that causes the host-side Error object to interact with the sandboxed version. This interaction allows the attacker to access the host’s process object or other sensitive globals, facilitating a full RCE. Because the escaped code runs with the same permissions as the Node.js process itself, this can lead to total system compromise, including unauthorized data access and lateral movement within the network.
How to Detect CVE-2023-29017 Exploitation
Security professionals and SOC teams should monitor for unusual child process spawning originating from Node.js applications that utilize the vm2 library. Patterns consistent with the MITRE ATT&CK technique T1203 (Exploitation for Client Execution) may be visible in system logs. Specifically, look for calls to /bin/sh or cmd.exe that are not part of the application’s normal operational baseline. Since the exploit leverages the manipulation of error objects, high volumes of unhandled asynchronous errors in application logs may also serve as a preliminary IoC.
Remediation and Mitigation Strategies
The primary and most effective remediation is to update the library to the latest version. The Node.js vm2 library RCE fix was introduced in version 3.9.15, which specifically addresses the handling of the stack trace formatting logic to prevent the sandbox escape.
vm2 3.9.14 sandbox escape mitigation
For organizations unable to update immediately, the following steps are recommended:
- Disable User Scripting: If the functionality is not essential, disable the feature that allows users to submit or run custom JavaScript through vm2.
- Implement Strict Input Validation: While difficult for complex scripts, validating the structure of submitted code to prevent the use of Error.prepareStackTrace can reduce the attack surface.
- Network Segmentation: Ensure that the server running the vm2 instance has restricted network access to prevent an attacker from reaching internal management interfaces or C2 servers after a successful escape.
Given the history of sandbox escapes in vm2 and similar libraries, developers should evaluate whether a Zero Trust approach to execution is required. In high-risk scenarios, moving isolation to a more robust level—such as using hardware-level virtualization or containers with restricted syscall access—may provide more durable security than software-based JavaScript sandboxing alone.