CVE-2024-33870 is a path traversal vulnerability identified in Artifex Ghostscript versions prior to 10.03.1. Ghostscript is a widely used interpreter for PostScript and PDF files, often employed in printing, document processing, and embedded systems. The vulnerability stems from improper sanitization of file paths within PostScript documents. Specifically, an attacker can craft a PostScript file containing relative path sequences such as ../../foo, which Ghostscript incorrectly transforms to ./../../foo. If the current directory is included in the permitted paths, this manipulation allows unauthorized access to arbitrary files outside the intended directory scope. This can lead to disclosure of sensitive files, potential modification of files, or disruption of service depending on the context in which Ghostscript is used. The vulnerability does not require authentication or user interaction, and the attack vector is remote if Ghostscript processes untrusted PostScript documents. The CVSS 3.1 base score is 6.3, reflecting medium severity with low attack complexity and no privileges required. No public exploits have been reported yet, but the flaw represents a significant risk in environments where Ghostscript processes documents from untrusted sources. The vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory).

The primary impact of CVE-2024-33870 is unauthorized access to arbitrary files on systems running vulnerable versions of Ghostscript. This can lead to confidentiality breaches if sensitive files are exposed, such as configuration files, credentials, or private data. Integrity could be compromised if attackers leverage the vulnerability to overwrite or manipulate files, although this depends on the deployment context and file system permissions. Availability impacts are possible if critical files are deleted or corrupted, potentially disrupting document processing workflows or dependent services. Since Ghostscript is embedded in many print servers, document management systems, and software development tools, exploitation could affect a broad range of organizations globally. The vulnerability is particularly concerning in environments where Ghostscript processes documents from untrusted or external sources, such as public-facing web applications or automated document pipelines. The lack of required privileges and user interaction lowers the barrier for exploitation, increasing risk. However, the impact scope is somewhat limited by the need for the current directory to be in permitted paths, which may reduce exposure in some configurations.

To mitigate CVE-2024-33870, organizations should upgrade Ghostscript to version 10.03.1 or later, where the vulnerability is patched. Until patching is possible, restrict the directories that Ghostscript can access by configuring permitted paths carefully and avoiding including the current directory (./) in these paths. Implement strict file system permissions to limit Ghostscript's access to sensitive files and directories. Employ input validation and filtering to prevent processing of untrusted or malicious PostScript documents, especially in automated workflows or public-facing services. Consider sandboxing or containerizing Ghostscript processes to isolate potential exploitation impacts. Monitor logs for unusual file access patterns indicative of path traversal attempts. Additionally, review and harden any integration points where Ghostscript is invoked, ensuring minimal privileges and adherence to the principle of least privilege. Regularly audit and update Ghostscript deployments as part of vulnerability management processes.