CVE-2020-11933

CWE-2645 documents5 sources
Severity
6.8MEDIUM
EPSS
0.0%
top 92.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Canonical CoreCanonical SnapdCanonical Ubuntu Linux
Timeline
PublishedJul 29
Latest updateMay 24

Description

cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:NExploitability: 0.9 | Impact: 5.8

Affected Packages4 packages

CVEListV5canonical/core2.45.22.45.2, revision 9659
CVEListV5canonical/snapd2.45.22.45.2, revision 8539
NVDcanonical/snapd< 2.45.2
Ubuntusnapd< 2.45.1ubuntu0.2+2

Also affects: Ubuntu Linux 16.04, 18.04, 19.10, 20.04

🔴Vulnerability Details

3
GHSA
GHSA-v343-8p34-76p3: cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker coul2022-05-24
CVEList
local snapd exploit through cloud-init2020-07-29
OSV
snapd vulnerabilities2020-07-15

📋Vendor Advisories

1
Ubuntu
snapd vulnerabilities2020-07-15
CVE-2020-11933 (MEDIUM CVSS 6.8) | cloud-init as managed by snapd on U | cvebase.io