Privilege escalation in Samba
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2020-25720 |
| CWE-ID | CWE-264 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Samba Server applications / Directory software, identity management |
| Vendor | Samba |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU86856
Risk: Medium
CVSSv3.1: 4 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-25720
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges within the network.
The vulnerability exists due to create child permissions allows full write access to all attributes. A local user can escalate privileges within the network.
Install updates from vendor's website.
Vulnerable software versionsSamba: 4.17.0 - 4.17.8
External linkshttp://bugzilla.samba.org/show_bug.cgi?id=14810
http://gitlab.com/samba-team/samba/-/commit/cc64ea24daa649dc8de4a212c7abfbe111095655
http://gitlab.com/samba-team/samba/-/merge_requests/2514
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
