
image credit: wikimedia
Developed by the NSA’s Research Directorate for the agency’s cybersecurity missions, Ghidra is designed to help with malware analysis. The framework supports multiple platforms, including Windows, macOS, and Linux, and was released in open source earlier this year.
At the end of September, security researchers discovered a vulnerability in the tool that could allow an attacker to execute arbitrary code within the context of the affected application.
Tracked as CVE-2019-16941, the security flaw has a CVSS score of 9.8 and is considered “critical severity.”