In NSA Ghidra through 9.0.4, path traversal can occur in RestoreTask.java (from the package ghidra.app.core.org/releaseNotes_9.1_final. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidran modules, e.g., the decompile module. The vulnerability has been modified since it was last analyzed by the NVD.”]