emp3r0r Command and Control Software Concurrent Map Access Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in emp3r0r, a command and control (C2) tool for Linux environments. Prior to version 3.21.2, the software accessed multiple shared maps without proper synchronization across goroutines. This lack of consistent locking allowed the Go runtime to encounter a fatal error, leading to a crash of the C2 process. The issue arises under concurrent activity, where mixed access patterns to shared maps can trigger a panic, causing a loss of availability.

Impact

Exploitation of this vulnerability causes the C2 process to panic and crash, interrupting the service. This denial-of-service condition can destabilize operations, especially under load or with deliberate session churn, degrading the reliability of command execution and incident response.

Reproduction

To reproduce this vulnerability, start the C2 server with active operator sessions. Then, generate rapid churn by connecting and disconnecting sessions while simultaneously driving agent message traffic or file transfers. This will create a conflict in the shared maps, causing the Go runtime to panic with a concurrent map error, which can be confirmed by observing the crash signature in the logs.

Remediation

Users should update to emp3r0r version 3.21.2 or later, where this issue has been fixed.