Attackers May Be Able To Hack Games And Cloud Services Because Of a Bug In The Squirrel Engine 


Researchers discovered an out-of-bounds read flaw in the Squirrel programming language, which attackers may exploit to bypass sandbox constraints and run arbitrary code within a SquirrelVM, allowing a malicious actor total control over the underlying device.

The problem is tracked as CVE-2021-41556, and it affects stable release branches 3.x and 2.x of Squirrel. It arises when a gaming library known as Squirrel Engine is used to run untrusted code.

Squirrel is an open-source, object-oriented programming language that’s employed in IoT devices and distributed transaction processing platforms like Enduro/X, as well as for scripting video games.

Researchers Simon Scannell and Niklas Breitfeld said that in a real-world situation, an attacker might insert a malicious Squirrel script inside a community map and distribute it via the trustworthy Steam Workshop.

“An attacker can exploit an Out-Of-Bounds Read vulnerability (CVE-2021-41556) to escape a Squirrel VM and gain access to the underlying machine. This attack vector becomes relevant when a Squirrel Engine is used to execute untrusted code. This is the case with cloud services such as, for example, Twilio Electric Imp or video games such as Counter-Strike: Global Offensive,” the researchers said.

When a server owner downloads and installs the malicious map onto their server, the Squirrel script is launched, escapes its VM, and takes control of the server.

The security issue, described as “out-of-bounds access through index confusion,” was discovered in the creation of Squirrel classes. Attackers may use it to hijack a program’s control flow and take complete control of the Squirrel VM.

While the problem was fixed as part of a code commit made on September 16, the changes have yet to be incorporated into a new stable version. Maintainers relying on Squirrel in their projects are strongly advised to apply the most recent patches by rebuilding from source code to protect themselves against potential attacks.

 

About the author

CIM Team
