Full Report
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog. The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote
Analysis Summary
For this summary, I will focus on the vulnerability explicitly detailed with a CVE identifier: the compromise of the `tj-actions/changed-files` GitHub Action. I will also incorporate details regarding the upstream compromise of `reviewdog/action-setup@v1` as it is directly related to the exploitation.
# Vulnerability: Active Exploitation of GitHub Action Supply Chain Leading to Secret Exposure (tj-actions/changed-files)
## CVE Details
- **CVE ID:** CVE-2025-30066
- **CVSS Score:** 8.6 (High)
- **CWE:** (Not explicitly stated, but related to Insecure design/Software Supply Chain compromise)
## Affected Systems
- **Products:** GitHub Action `tj-actions/changed-files` (specifically related to `v1` tag compromise). An upstream dependency, `reviewdog/action-setup@v1`, was also compromised, potentially affecting broader workflows.
- **Versions:** The malicious code was injected into the `tj-actions/changed-files` repository, affecting users who pulled the compromised version before remediation. The exploitation relied on a previous compromise of `reviewdog/action-setup@v1`.
- **Configurations:** CI/CD workflows utilizing the affected GitHub Action, especially those running with high-privilege Personal Access Tokens (PATs) or secrets that were consequently logged.
## Vulnerability Description
This vulnerability stems from a supply chain compromise where an attacker gained unauthorized access to the `tj-actions/changed-files` repository, likely via a compromised Personal Access Token (PAT) belonging to a maintainer. Malicious code was injected into the action, which executed when used in CI/CD workflows. This malicious payload was designed to read sensitive deployment secrets, keys, or tokens being used during the workflow run, exposing them via the workflow execution logs. This appears to be cascading attack, as the compromise relied on the attacker previously infiltrating the `reviewdog/action-setup@v1` action used by `tj-actions/changed-files`.
## Exploitation
- **Status:** **Actively Exploited** (Added to CISA KEV catalog).
- **Complexity:** Given the nature of supply chain attacks relying on compromised dependencies, the exploitation complexity for the end-user is likely **Low** once the malicious action is called.
- **Attack Vector:** **Network/Adjacent** (Requires a workflow configured to use the compromised Action).
## Impact
- **Confidentiality:** **High** (Exposure of sensitive secrets like AWS keys, GitHub PATs, npm tokens, and private RSA keys).
- **Integrity:** **Medium/High** (Depending on the exposed secrets' privileges).
- **Availability:** **Low** (The primary impact is data theft, not service destruction).
## Remediation
### Patches
- Users are advised to update to the latest version of `tj-actions/changed-files`, specifically **version 46.0.1**.
- Users must also review dependencies, particularly the upstream dependency `reviewdog/action-setup`, and ensure they are using versions not affected by the related compromise.
### Workarounds
1. **Immediate Secret Rotation:** Immediately rotate *all* secrets, tokens (PATs), and access keys used by CI/CD pipelines that utilized the affected action.
2. **Audit Logs:** Review GitHub actions logs for any suspicious output or files named `install.sh` containing appended Base64-encoded payloads or unusual data being logged.
3. **Review Contributor Access:** For organizations maintaining high-privilege repositories, review contributor access lists for related GitHub organizations to look for suspicious or automated invitations that could widen the attack surface.
## Detection
- **Indicators of Compromise:** Look for workflow logs containing evidence of Base64-encoded payloads, especially those targeting the creation or modification of files like `install.sh` within the build process. Monitoring outbound connections from CI runners during the build step might reveal exfiltration attempts.
- **Detection Methods and Tools:** SIEM/DLP systems should monitor CI/CD logs for patterns indicative of command execution or attempted secret disclosure. Use security scanning tools to check dependency trees for references to the known compromised versions of `tj-actions/changed-files` and `reviewdog/action-setup`.
## References
- CISA Alert regarding KEV inclusion based on CISA advisory dated March 18, 2025.
- Vendor/Researcher advisory detailing the compromise (Wiz blog post).
- [Vendor advisories](https://www.cisa.gov/news-events/alerts/2025/03/18/cisa-adds-two-known-exploited-vulnerabilities-catalog)
- [Relevant links - defanged](https://thehackernews.com/2025/03/cisa-warns-of-active-exploitation-in.html)