A malicious CF file is able to execute system commands without producing output/error streams.
https://seclists.org/oss-sec/2019/q4/154