Skip to main content

MVT CVE-2026-46486

| EUVDEUVD-2026-35186 MEDIUM
Path Traversal (CWE-22)
2026-05-21 https://github.com/mvt-project/mvt GHSA-5h3g-px23-w6vw
5.3
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

3
CVSS changed
Jun 08, 2026 - 19:22 NVD
5.3 (MEDIUM)
Source Code Evidence Fetched
May 21, 2026 - 18:01 vuln.today
Analysis Generated
May 21, 2026 - 18:01 vuln.today

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 1 pypi packages depend on mvt (1 direct, 0 indirect)

Ecosystem-wide dependent count for version 2026.5.12.

DescriptionGitHub Advisory

Summary

The fileID field from Manifest.db (a SQLite database inside iOS backups, generated by the device) is used directly in filesystem path construction without validation. This affects two commands through a shared code path:

  • mvt-ios decrypt-backup (decrypt.py): file_id is used to construct both read source and write destination paths. Traversal sequences in file_id cause decrypted content to be written to an arbitrary location on the analyst's filesystem.
  • mvt-ios check-backup (via _get_backup_file_from_id() in ios/modules/base.py): the same unvalidated fileID resolves to files outside the backup directory, which are then opened and parsed. Parsed contents flow into JSON results and CSV timeline.

Impact

File write (decrypt-backup): An adversary delivering a crafted iOS backup can cause attacker controlled content to be written to arbitrary paths writable by the analyst process. This could be leveraged for code execution via shell profile modification or SSH key injection. Severity is assessed as Moderate because exploitation requires a specifically crafted malicious bundle to be parsed by the analyst. There are trust mitigations between stakeholders involved in the handoff of the sample that reduce the likelihood of this scenario.

File read (check-backup): An adversary can force MVT to open and parse files outside the backup directory. Practical exploitation is reduced as it requires the attacker to know or guess the analyst’s directory layout for cross-case targeting, and the traversed file from the host must be a valid SQLite database or plist whose schema matches what the specific MVT module expects.

Patched version

2026.5.12

Credits

This issue was identified during a security assessment conducted by 0xche.

AnalysisAI

Path traversal in Mobile Verification Toolkit (MVT) pip/mvt versions through 2026.4.28 allows an adversary who delivers a crafted iOS backup to trigger arbitrary file writes or reads on the analyst's filesystem by embedding directory traversal sequences in fileID values within the backup's Manifest.db SQLite database. The decrypt-backup command can write attacker-controlled content to arbitrary writable paths - enabling shell profile modification or SSH key injection for code execution - while check-backup can read arbitrary host files into MVT's JSON and CSV forensic output. No public exploit has been identified at time of analysis; vendor-released patch v2026.5.12 is available.

Technical ContextAI

MVT is a Python-based forensic tool used by security analysts to examine iOS device backups for indicators of compromise such as stalkerware or nation-state spyware. iOS backups contain a SQLite database called Manifest.db that maps fileID values to backed-up device files. The root cause is CWE-22 (Path Traversal): MVT ingests the fileID field from Manifest.db and uses it directly in filesystem path construction without sanitizing traversal sequences. The vulnerability manifests in two distinct code paths - decrypt.py (decrypt-backup command) uses fileID to construct both read source and write destination paths, while _get_backup_file_from_id() in ios/modules/base.py (check-backup command) resolves fileID to open and parse files whose contents flow into JSON results and CSV timelines. The affected package is pkg:pip/mvt, confirmed by GHSA-5h3g-px23-w6vw.

RemediationAI

Upgrade MVT to version 2026.5.12 or later, which resolves the path traversal by adding validation to fileID values before filesystem path construction. Install via pip with: pip install --upgrade mvt. The patched release is available at https://github.com/mvt-project/mvt/releases/tag/v2026.5.12 and the security advisory is at https://github.com/mvt-project/mvt/security/advisories/GHSA-5h3g-px23-w6vw. If immediate patching is not feasible, restrict MVT processing to iOS backups obtained exclusively from fully trusted, controlled, and verified sources - do not process backups received from unknown or potentially adversarial parties. As a defense-in-depth compensating control, run MVT inside a container or sandbox with filesystem volume mounts restricted to only the backup directory and a designated output directory; this limits path traversal write impact to the container scope, though it adds operational overhead to the forensic workflow.

Share

CVE-2026-46486 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy