← Advisory Index « MOKSHA-2026-0082 MOKSHA-2026-0084 »

MOKSHA-2026-0083: Boot Order Manipulation via VM.HVM_boot_params order

Advisory ID	MOKSHA-2026-0083
Semantic ID	HBP-1
Published	2026-04-24
CVSS 3.1	3.1 Low
CVSS 3.1 Vector	`AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N`
CVSS 4.0	5.3 Medium
CVSS 4.0 Vector	`AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N`
XAPI Object	`VM`
XAPI Field	`HVM_boot_params:order`
Entry Role	vm-admin
Researcher	Jakob Wolffhechel, Moksha

Affected Products

Vendor	Product	Versions
Citrix / Cloud Software Group	XenServer / Citrix Hypervisor	all versions (shared XAPI codebase)
Vates	XCP-ng	8.3.0

Summary

A vm-admin in XAPI-based hypervisors (XenServer, XCP-ng) can set an arbitrary boot order string in VM.HVM_boot_params:order. The value is passed verbatim to QEMU as the -boot order=<value> argument via device.ml:3957-3958. XAPI performs no validation on the boot order string beyond replacing empty values with the default "cd" at xapi_xenops.ml:469-475. QEMU silently ignores unrecognized characters, limiting the practical impact to forcing PXE network boot (order=n) when the attacker also controls DHCP/PXE infrastructure. The VM.HVM_boot_params field has zero map_keys_roles entries.

Vulnerability Description

VM.HVM_boot_params is a Map(String, String) field defined at datamodel_vm.ml:55-58 with zero map_keys_roles entries and _R_VM_ADMIN as the default write role.

The order key flows from XAPI to QEMU:

vm-admin writes HVM_boot_params:order=n via VM.add_to_HVM_boot_params
XAPI reads the value at xapi_xenops.ml:469-475 via assume_default_if_null_empty
If the value is empty or missing, it defaults to "cd"; otherwise the raw value passes through
The value is included in the hvm_info.boot_order record sent to xenopsd
xenopsd constructs QEMU argument: "-boot"; "order=" ^ info.Dm_Common.boot at device.ml:3957-3958
QEMU is invoked via execve (no shell injection possible)
QEMU interprets recognized characters (a=floppy, b=floppy, c=hard disk, d=CD-ROM, n=network PXE)
Unrecognized characters are silently ignored

The use of execve via Forkhelpers.safe_close_and_exec prevents shell metacharacter injection. The practical attack surface is limited to selecting boot devices from the set that QEMU recognizes.

Root Causes

Missing RBAC protection. VM.HVM_boot_params has zero map_keys_roles entries in datamodel_vm.ml. The order key is writable by vm-admin.
Missing write-time validation. The boot order string is not validated against the set of recognized QEMU boot device characters (a, b, c, d, n). Any string is accepted.
set_HVM_boot_params RBAC bypass. The set_HVM_boot_params method replaces the entire map and bypasses map_keys_roles per-key checks.

Affected Systems

Directly Affected

XenServer / Citrix Hypervisor - all versions (shared XAPI codebase)
XCP-ng - all versions (tested on 8.3.0)

Indirectly Affected

Guest VMs - boot order manipulation affects which device the VM boots from
PXE-dependent environments - VMs forced to PXE boot load images from network infrastructure

Exploitation Scenarios

Scenario	Impact	Pre-conditions	Status
Force PXE boot	VM boots from network, loading potentially attacker-controlled image	vm-admin, attacker-controlled PXE infrastructure	Live-tested (key injection confirmed)
Boot device reorder	VM boots from unexpected device (CD instead of disk)	vm-admin	Live-tested
Arbitrary string injection	Unrecognized characters silently ignored by QEMU	vm-admin	Live-tested

Chaining Analysis

BOC-1 + HBP-1: BOC-1 does not lower the RBAC barrier (already vm-admin). With root access, an attacker could modify DHCP/PXE configuration on the host to serve malicious boot images, but BOC-1 alone provides more direct attack paths.
SMC-1: No interaction. Boot parameters do not touch storage protocol traffic.
hvm_serial (#191): No interaction. Boot order cannot create files on the host filesystem.
The vm-admin already controls VIF assignments and network configuration, reducing the incremental value of boot order manipulation.

Detection

Monitor VM.HVM_boot_params for unexpected order values containing n (PXE boot)
Alert on boot order changes outside maintenance windows
See rule H-01 in disclosure/vendor-detection-guidance.md

Remediation

Short-Term Mitigations

Audit all VM.HVM_boot_params entries for unexpected order values
Monitor for VMs with PXE boot enabled that should not have it
Restrict XAPI API access to trusted networks

Long-Term Fix

Add boot order validation. Restrict the order value to characters from the set {a, b, c, d, n} and enforce a maximum length at write time or at XAPI-to-xenopsd translation time.

Add map_keys_roles protection. Restrict the order key to _R_POOL_ADMIN in datamodel_vm.ml.

Replace with typed fields. The order key has a small, well-defined value set. It should be an enumeration field, not a free-form string in a map.

Upstream patches exist. They are held privately pending coordinated disclosure.

Disclosure

Disclosure:

Public release: 2026-04-24 08:00 CEST
CERT/CC notified: 2026-04-23
MITRE CVE reservation filed: 2026-04-09 (no response as of publication)
EU CVE registers notified: 2026-04-18 (GCVE/CIRCL, ENISA, DIVD - no response)
Vendor (Cloud Software Group / Citrix): not contacted pre-publication
Downstream maintainer (Vates/XCP-ng): contacted 2026-04-23 with conditional patch offer

References

Related MOKSHA IDs: MOKSHA-2026-0084 (HBP-2)
XAPI source: datamodel_vm.ml:55-58 (VM.HVM_boot_params field definition), xapi_xenops.ml:469-475 (boot order read + default), xapi_xenops.ml:213-219 (assume_default_if_null_empty), device.ml:3957-3958 (QEMU -boot argument)
Thematic advisory: disclosure/advisories/hbp-security-advisory.md (HBP-1)
Investigation: research/investigations/vm-hvm-boot-params.md

Credits

Discovered and reported by Jakob Wolffhechel, Moksha.

Machine-readable: MOKSHA-2026-0083.json (CVE JSON 5.1 schema)

← Advisory Index « MOKSHA-2026-0082 MOKSHA-2026-0084 »

Jakob Wolffhechel · Moksha · Copenhagen
jakob@wolffhechel.dk · +45 3170 7337
Published 2026-04-24 08:00 CEST · cna.moksha.dk · shittrix.moksha.dk