
CVE-2021-3305: n/a in n/a

Severity: High
Type: Vulnerability
Published: Tue Oct 18 2022 (10/18/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Beijing Feishu Technology Co., Ltd Feishu v3.40.3 was discovered to contain an untrusted search path vulnerability.

AI-Powered Analysis

Last updated: 07/03/2025, 15:27:37 UTC

Technical Analysis

CVE-2021-3305 is a high-severity vulnerability in Feishu version 3.40.3, a collaboration and communication platform developed by Beijing Feishu Technology Co., Ltd. It is classified as an untrusted search path issue (CWE-426). This class of vulnerability occurs when an application searches for and loads executable files or libraries from directories that are not securely controlled or trusted, which can let an attacker influence the search path and have malicious code executed. Here, an attacker with local access (attack vector: local) can exploit the application by tricking it into loading malicious components because of improper path validation.

The CVSS 3.1 base score of 7.8 indicates high severity. The vector string AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H means that the attack requires local access, has low attack complexity, and needs no privileges, but does require user interaction. The scope is unchanged, and the impact on confidentiality, integrity, and availability is high. Although no exploits are currently reported in the wild and no patch links are provided, the vulnerability poses a significant risk if exploited, potentially allowing attackers to execute arbitrary code, compromise sensitive data, and disrupt service availability. The lack of detailed vendor or product information beyond Feishu v3.40.3 limits the ability to fully assess the attack surface, but the vulnerability is clearly tied to the Feishu client application.

Potential Impact

For European organizations using Feishu as part of their internal communication and collaboration infrastructure, this vulnerability could have serious consequences. Exploitation could lead to unauthorized code execution on user machines, resulting in data breaches, espionage, or disruption of business operations. Given Feishu's role in handling sensitive corporate communications, the confidentiality and integrity of information could be severely compromised. The requirement for local access and user interaction somewhat limits remote exploitation but does not eliminate risk, especially in environments where endpoint security is weak or where social engineering could induce user interaction. The potential for high impact on availability also raises concerns about operational continuity. Organizations in sectors with stringent data protection requirements, such as finance, healthcare, and government, could face regulatory and reputational damage if this vulnerability is exploited.

Mitigation Recommendations

European organizations should take immediate steps to mitigate this vulnerability. Since no official patch is currently referenced, organizations should:

1) Restrict local access to systems running Feishu to trusted users only, enforcing strict endpoint security policies.
2) Educate users about the risks of executing untrusted files or clicking on suspicious prompts, reducing the likelihood of successful user interaction exploitation.
3) Employ application whitelisting and endpoint detection and response (EDR) solutions to monitor and block unauthorized code execution attempts.
4) Review and harden the environment to ensure that the search paths used by Feishu do not include directories writable by unprivileged users.
5) Monitor vendor communications closely for any forthcoming patches or updates and plan for immediate deployment once available.
6) Consider isolating or sandboxing the Feishu client to limit the impact of potential exploitation.
7) Conduct regular audits and vulnerability assessments on endpoints running Feishu to detect signs of compromise early.
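One way to carry out the review in recommendation 4, as an added example that is not part of the original advisory or of Feishu's code: a small auditor that walks a search-path string and reports every entry an unprivileged user could influence. It assumes POSIX permission bits (Windows ACLs need a different check); the function names and the sample directories are constructed for illustration, since the page does not list the paths Feishu actually searches.

```python
import os
import stat
import tempfile

def audit_search_path(search_path, sep=os.pathsep):
    """Return (entry, reason) pairs for entries an unprivileged user could plant files in."""
    findings = []
    for entry in search_path.split(sep):
        # Empty and relative entries resolve against the current working
        # directory, which is whatever folder the program was started from.
        if not os.path.isabs(entry):
            findings.append((entry, "relative-or-empty"))
            continue
        try:
            st = os.stat(entry)
        except FileNotFoundError:
            # A missing directory can be created later by whoever can write its parent.
            findings.append((entry, "missing"))
            continue
        except OSError:
            findings.append((entry, "unreadable"))
            continue
        if not stat.S_ISDIR(st.st_mode):
            findings.append((entry, "not-a-directory"))
        elif st.st_mode & stat.S_IWOTH:
            findings.append((entry, "world-writable"))
        elif st.st_mode & stat.S_IWGRP:
            findings.append((entry, "group-writable"))
        elif st.st_uid not in (0, os.getuid()):
            findings.append((entry, "owned-by-other-user"))
    return findings

def constructed_sample():
    """Build a constructed search path in a temp dir (not Feishu's real path)."""
    root = tempfile.mkdtemp(prefix="searchpath-audit-")
    safe, shared = os.path.join(root, "safe"), os.path.join(root, "shared")
    os.mkdir(safe)
    os.chmod(safe, 0o755)      # owner-only write: acceptable
    os.mkdir(shared)
    os.chmod(shared, 0o777)    # anyone can drop a file here
    missing = os.path.join(root, "missing")
    return root, os.pathsep.join([safe, shared, "", missing, "."])

if __name__ == "__main__":
    _, sample = constructed_sample()
    for entry, reason in audit_search_path(sample):
        print(f"{reason:20} {entry!r}")
```

To audit a real endpoint, pass the relevant variable instead of the sample, for example `audit_search_path(os.environ["PATH"])`.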


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2021-01-25T00:00:00.000Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d9815c4522896dcbd6394

Added to database: 5/21/2025, 9:08:37 AM

Last enriched: 7/3/2025, 3:27:37 PM

Last updated: 8/16/2025, 1:43:58 AM
