Secuirty restrictions bypass in KDE kio-extras
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2020-12755 |
| CWE-ID | CWE-840 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
kio-extras Client/Desktop applications / Other client software |
| Vendor | KDE.org |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Business Logic Errors
EUVDB-ID: #VU27617
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12755
CWE-ID:
CWE-840 - Business Logic Errors (3.0)
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to kio_fish stores the typed password in KWallet even if the user does not check the Remember box. The vulnerability resides within the fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0, which
makes a cacheAuthentication call even if the user had not set the keepPassword option.
This is considered a security issue by users who do not trust KWallet (e.g. because
passwords can be read in KWalletManager, given physical access) as it leads to to unintended KWallet storage of the password.
Install updates from vendor's website.
Vulnerable software versionskio-extras: 4.96.0 - 20.03.90
External linkshttp://commits.kde.org/kio-extras/d813cef3cecdec9af1532a40d677a203ff979145
http://kde.org/info/security/advisory-20200510-1.txt
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
