#VU86856 Permissions, Privileges, and Access Controls in Samba


Published: 2024-02-27

Vulnerability identifier: #VU86856

Vulnerability risk: Medium

CVSSv3.1: 4 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-25720

CWE-ID: CWE-264

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Samba
Server applications / Directory software, identity management

Vendor: Samba

Description

The vulnerability allows a local user to escalate privileges within the network.

The vulnerability exists because the "create child" permission grants full write access to all attributes of the created object. A local user can escalate privileges within the network.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

Samba: 4.17.0 - 4.17.8


External links
http://bugzilla.samba.org/show_bug.cgi?id=14810
http://gitlab.com/samba-team/samba/-/commit/cc64ea24daa649dc8de4a212c7abfbe111095655
http://gitlab.com/samba-team/samba/-/merge_requests/2514


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
