vm2 Sandbox Escape Vulnerability in NodeVM with Nesting True Allowing Arbitrary OS Command Execution

Vulnerability

A critical sandbox escape vulnerability has been identified in vm2 versions prior to 3.11.1. When a NodeVM is created with nesting enabled, sandboxed code can bypass require restrictions and access the vm2 module, which allows it to execute arbitrary operating system commands on the host. The vulnerability arises from the interaction between the nesting option and the module resolver: the outer VM's require restrictions are not applied, so any application that runs untrusted code in this configuration can be completely compromised.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the host operating system, with the same privileges as the user running the Node.js process. This could lead to unauthorized access to files, exfiltration of environment secrets, lateral movement across the host network, or the establishment of persistent access.

Reproduction

To reproduce this vulnerability, create a NodeVM instance with nesting enabled and require access disabled. Once the VM is created, sandboxed code can be executed that requires the vm2 module, bypassing the outer VM's restrictions. With access to vm2, an inner NodeVM can be created with custom require settings that allow the execution of OS commands.

Remediation

Users are advised to update vm2 to version 3.11.1 or later, where this vulnerability has been fixed.
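The conditions described under Reproduction and Remediation can be checked mechanically. The following is an added example, not code from the advisory or from the vm2 project: it resolves the installed vm2 version from a package-lock structure and flags a NodeVM options object that combines an unpatched version with nesting enabled. The fixed version 3.11.1 and the nesting option come from the advisory; the lock-file sample is constructed.

```javascript
// Added audit helper (not part of the advisory or of vm2 itself).
// Flags the affected combination: vm2 < 3.11.1 AND a NodeVM created with nesting: true.
const FIXED_VERSION = "3.11.1"; // from the advisory

// Parse an exact "major.minor.patch" version (optional leading "v"); ranges like "^3.9.0"
// are rejected on purpose, because only the resolved/installed version is meaningful here.
function parseSemver(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)$/.exec(String(version).trim());
  if (!m) throw new Error(`not an exact semver version: ${version}`);
  return m.slice(1, 4).map(Number);
}

// Comparator: negative if a < b, zero if equal, positive if a > b.
function compareSemver(a, b) {
  const [pa, pb] = [parseSemver(a), parseSemver(b)];
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] - pb[i];
  return 0;
}

function isVulnerableVersion(version) {
  return compareSemver(version, FIXED_VERSION) < 0;
}

// Resolve the installed vm2 version from a parsed package-lock.json.
// Handles lockfileVersion 2/3 ("packages") and lockfileVersion 1 ("dependencies").
function findVm2Version(lock) {
  const v23 = lock.packages && lock.packages["node_modules/vm2"];
  if (v23 && v23.version) return v23.version;
  const v1 = lock.dependencies && lock.dependencies.vm2;
  return v1 && v1.version ? v1.version : null;
}

// Disabling require on the outer VM does not help by itself: as the advisory's
// reproduction describes, the escape creates a nested VM with its own require settings.
function auditNodeVMConfig(version, options) {
  const findings = [];
  const oldVersion = version !== null && isVulnerableVersion(version);
  const nesting = Boolean(options && options.nesting === true);
  if (version === null) findings.push("vm2 not found in lock file");
  if (oldVersion) findings.push(`vm2 ${version} is older than ${FIXED_VERSION}`);
  if (nesting) findings.push("NodeVM is created with nesting: true");
  return { affected: oldVersion && nesting, findings };
}

// Constructed sample lock (lockfileVersion 3 layout) for a stand-alone run.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: { "node_modules/vm2": { version: "3.11.0" } } };
console.log(auditNodeVMConfig(findVm2Version(SAMPLE_LOCK), { nesting: true, require: false }));
```

Run it against the real package-lock.json and the options actually passed to `new NodeVM(...)`; an `affected: true` result means the update to 3.11.1 or later is required.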

Added: May 13, 2026, 7:50 PM
Updated: May 13, 2026, 7:50 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 10.0
exploitability: 6.0
remediation: 7.7
relevance: 8.2
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.