CVE-2025-5689 — Improper Privilege Management in Ubuntu Authd

CWE-269 — Improper Privilege Management CWE-266 — Incorrect Privilege Assignment5 documents4 sources

Severity

8.5HIGHNVD

EPSS

0.1%

top 77.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Ubuntu Authd Canonical Authd

Timeline

PublishedJun 16

Latest updateJul 28

Description

A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:NExploitability: 3.1 | Impact: 4.7

Affected Packages3 packages

▶NVDcanonical/authd< 0.5.4

▶Gogithub.com/ubuntu_authd< 0.5.4

▶CVEListV5canonical/authd0.0.0 — 0.5.4

Patches

Patch: github.com ↗

🔴Vulnerability Details

OSV

New authd users logging in via SSH are members of the root group in github.com/ubuntu/authd↗2025-07-28

▶

CVEList

Improper Permission Management in SSH Session Handling↗2025-06-16

▶

GHSA

New authd users logging in via SSH are members of the root group↗2025-06-16

▶

OSV

New authd users logging in via SSH are members of the root group↗2025-06-16

▶