#VU86856 Permissions, Privileges, and Access Controls in Samba - CVE-2020-25720

Cybersecurity Help s.r.o.

Published: 2024-02-27

Vulnerability identifier: #VU86856

Vulnerability risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-25720

CWE-ID: CWE-264

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Samba
Server applications / Directory software, identity management

Vendor: Samba

Description

The vulnerability allows a local user to escalate privileges within the network.

The vulnerability exists due to create child permissions allows full write access to all attributes. A local user can escalate privileges within the network.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Samba: 4.17.0 - 4.17.8

External links
https://bugzilla.samba.org/show_bug.cgi?id=14810
https://gitlab.com/samba-team/samba/-/commit/cc64ea24daa649dc8de4a212c7abfbe111095655
https://gitlab.com/samba-team/samba/-/merge_requests/2514

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Amazon Linux AMI update for samba

SUSE update for samba

Privilege escalation in Samba