Pyodide Sandbox Escape Leads to Grist-Core RCE Vulnerability

Summary
– A critical sandbox escape vulnerability in Grist-Core allows remote code execution via a malicious spreadsheet formula, bypassing its Pyodide WebAssembly sandbox.
– The flaw, with a CVSS score of 9.1, enables attackers to execute OS commands or JavaScript from a spreadsheet, turning data processing into an execution surface.
– The risk is heightened because Grist is deployed as SaaS and self-hosted software, positioning it close to sensitive customer data and operational systems.
– In managed SaaS environments, a compromise could affect the vendor’s multi-tenant control plane, granting access to credentials and enabling lateral movement.
– The vulnerability is patched in version 1.7.9 by adding a Deno isolation layer, and users are urged to upgrade and treat formula execution as privileged.
A critical security flaw in Grist-Core, a programmable spreadsheet platform, has been patched after researchers discovered it allowed remote code execution through a malicious spreadsheet formula. This high-severity vulnerability, with a CVSS score of 9.1, could transform a simple data file into a powerful attack tool, compromising the underlying host system.
The issue resides in Grist’s Python formula execution layer. To safely evaluate untrusted user formulas, Grist uses Pyodide, a Python runtime that runs in a WebAssembly sandbox within a browser. Researchers from Cyera Research Labs found a method to break out of this sandbox entirely. By leveraging Python’s object model alongside accessible ctypes and Emscripten runtime hooks, a specially crafted formula could traverse into the host runtime. This allowed the execution of arbitrary operating system commands or JavaScript, turning a routine data-processing step into a severe execution threat.
What makes this vulnerability particularly concerning is its delivery method. The exploit isn’t a traditional injection attack but is delivered as legitimate spreadsheet content. It follows the same trusted paths Grist uses to evaluate any other formula. Once the sandbox boundary is breached, the spreadsheet ceases to be a passive document and becomes an active beachhead for compromising the server.
The risk is amplified in software-as-a-service deployments, where Grist operates in vendor-managed environments hosting data for multiple customers. In these scenarios, a sandbox escape is not merely a local compromise but a breach within the control plane that orchestrates workflows for numerous tenants. Grist often acts as a programmable data plane, connecting various SaaS systems, internal databases, and business processes, making a successful exploit a gateway to extensive lateral movement.
Public adoption data shows Grist is used by government entities, over a thousand educational institutions, and commercial teams in sectors like marketing and game design. These are production environments handling sensitive operational data, not isolated test cases. A successful attack could lead to access to environment variables, configuration files, stored credentials, and ultimately, adjacent integrated systems.
In response, the Grist security team has released a fix in version 1.7.9. The primary mitigation involves running the Pyodide environment under Deno by default, which adds a robust, permission-based isolation layer. System administrators and users are strongly advised to upgrade immediately. Furthermore, they should avoid any configuration that bypasses the Deno layer and begin treating formula execution with the caution it warrants, as a privileged capability, not merely as inert spreadsheet content.
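The advisory's point is that formula text is executable Python and should be triaged as such until every instance runs behind the Deno layer. The following scanner is an added example (not Grist's, Cyera's, or the article's code) of the kind of review aid a defender can run over a document's column formulas before upgrading: it flags formulas that reach for the same capabilities the escape relied on, namely `ctypes`, the Emscripten/JavaScript bridge exposed to Pyodide as the `js` and `pyodide` modules, and dunder-based traversal of Python's object model. The `$Column` reference syntax is Grist's; the sample formulas, rule names and severities are constructed for the example, and the rules are a heuristic, not a sandbox.

```python
"""Triage heuristic for spreadsheet formulas (added example, not project code).

Flags Python formula bodies that use capabilities an escape would need.
It is a review aid for deciding which documents to inspect first, not a
substitute for upgrading to 1.7.9 or for the Deno permission layer.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    rule: str       # constructed rule name
    severity: str   # "high" or "medium" (constructed scale)
    match: str      # the text that tripped the rule


# Each rule: (name, severity, compiled pattern). The patterns are kept
# conservative so ordinary column formulas such as "$Price * $Quantity"
# do not trip them.
RULES = [
    ("ctypes-import", "high",
     re.compile(r"\b(?:import\s+ctypes|from\s+ctypes\b|__import__\(\s*['\"]ctypes)")),
    ("js-bridge", "high",
     re.compile(r"\b(?:import\s+(?:js|pyodide)\b|from\s+(?:js|pyodide)\b"
                r"|__import__\(\s*['\"](?:js|pyodide))")),
    ("dunder-traversal", "medium",
     re.compile(r"\.__(?:class|base|bases|subclasses|globals|builtins|mro|dict)__")),
    ("dynamic-import", "medium",
     re.compile(r"\b__import__\s*\(")),
]

# Constructed sample: three everyday column formulas and three that a
# reviewer would want to look at first.
SAMPLE_FORMULAS = {
    "Total": "$Price * $Quantity",
    "Name": "$First.strip() + ' ' + $Last",
    "Due": "$Created + datetime.timedelta(days=30)",
    "Odd1": "import ctypes; ctypes.sizeof(ctypes.c_int)",
    "Odd2": "__import__('js').Date.now()",
    "Odd3": "$Price.__class__.__dict__",
}


def scan_formula(source: str) -> list[Finding]:
    """Return every rule hit in one formula body, in RULES order (empty if clean)."""
    findings = []
    for name, severity, pattern in RULES:
        for m in pattern.finditer(source):
            findings.append(Finding(name, severity, m.group(0)))
    return findings


def triage(formulas: dict[str, str]) -> dict[str, list[Finding]]:
    """Map column name -> findings, keeping only columns with at least one hit."""
    return {col: hits for col, src in formulas.items() if (hits := scan_formula(src))}


def worst_severity(hits: dict[str, list[Finding]]) -> str:
    """Collapse a triage result to "high", "medium" or "clean" for a quick verdict."""
    severities = {f.severity for findings in hits.values() for f in findings}
    if "high" in severities:
        return "high"
    if "medium" in severities:
        return "medium"
    return "clean"


if __name__ == "__main__":
    result = triage(SAMPLE_FORMULAS)
    for col, findings in result.items():
        for f in findings:
            print(f"{col}: [{f.severity}] {f.rule} -> {f.match!r}")
    print("verdict:", worst_severity(result))
```

The scanner runs over formula source only, so it can be applied to an exported document without evaluating anything; a "high" verdict is a reason to inspect the document and confirm the instance is on 1.7.9 with the Deno layer in place, not proof of compromise.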
(Source: InfoSecurity Magazine)