VYPR
← All advisories
Critical severityNVD Advisory· Published Dec 9, 2025· Updated Dec 9, 2025

Insecure Temporary File Creation in Robocode's AutoExtract Component

CVE-2025-14307

Description

An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files. This vulnerability can be exploited by manipulating the temporary file creation process, leading to potential unauthorized actions.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
net.sf.robocode:robocode.battleMaven
< 1.9.5.61.9.5.6

Affected products

1

Patches

1
9f882bba2a9c

Merge pull request #68

https://github.com/robo-code/robocodeFlemming N. LarsenMay 13, 2025via ghsa
commit
1 file changed · +21 16
  • robocode.battle/src/main/java/net/sf/robocode/recording/RecordManager.java+21 16 modified
    @@ -14,8 +14,6 @@
 import net.sf.robocode.battle.snapshot.TurnSnapshot;
 import net.sf.robocode.io.FileUtil;
 import net.sf.robocode.io.Logger;
-import static net.sf.robocode.io.Logger.logError;
-
 import net.sf.robocode.serialization.*;
 import net.sf.robocode.settings.ISettingsManager;
 import net.sf.robocode.version.IVersionManager;
@@ -29,6 +27,8 @@
 import java.io.*;
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.text.SimpleDateFormat;
 import java.util.Calendar;
 import java.util.List;
@@ -37,6 +37,8 @@
 import java.util.zip.ZipInputStream;
 import java.util.zip.ZipOutputStream;
 
+import static net.sf.robocode.io.Logger.logError;
+
 
 /**
  * @author Pavel Savara (original)
@@ -111,22 +113,25 @@ public void detachRecorder() {
     }
 
     private void createTempFile() {
-        try {
-            if (tempFile == null) {
-                tempFile = File.createTempFile("robocode-battle-records", ".tmp");
-                tempFile.deleteOnExit();
-            } else {
-                if (!tempFile.delete()) {
-                    Logger.logError("Could not delete temp file");
-                }
-                if (!tempFile.createNewFile()) {
-                    throw new Error("Temp file creation failed");
+        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
+            try {
+                if (tempFile == null) {
+                    tempFile = File.createTempFile("robocode-battle-records", ".tmp");
+                    tempFile.deleteOnExit();
+                } else {
+                    if (!tempFile.delete()) {
+                        logError("Could not delete temp file");
+                    }
+                    if (!tempFile.createNewFile()) {
+                        throw new Error("Temp file creation failed");
+                    }
                 }
+            } catch (IOException e) {
+                logError(e);
+                throw new Error("Temp file creation failed", e);
             }
-        } catch (IOException e) {
-            logError(e);
-            throw new Error("Temp file creation failed", e);
-        }
+            return null;
+        });
     }
 
     void prepareInputStream() {

Vulnerability mechanics

Synthesis attempt was rejected by the grounding validator. Re-run pending.

References

4

News mentions

0

No linked articles in our index yet.