ByteOS Network

Vulnerability Details :

CVE-2020-28407

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-03 Nov, 2023 | 00:00

Updated At-12 Sep, 2024 | 19:34

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:03 Nov, 2023 | 00:00

Updated At:12 Sep, 2024 | 19:34

▼CVE Numbering Authority (CNA)

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
https://github.com/stefanberger/swtpm/releases/tag/v0.4.2	N/A
https://bugzilla.suse.com/show_bug.cgi?id=1198395	N/A
https://github.com/stefanberger/swtpm/releases/tag/v0.5.1	N/A

Hyperlink: https://github.com/stefanberger/swtpm/releases/tag/v0.4.2

Resource: N/A

Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=1198395

Resource: N/A

Hyperlink: https://github.com/stefanberger/swtpm/releases/tag/v0.5.1

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://github.com/stefanberger/swtpm/releases/tag/v0.4.2	x_transferred
https://bugzilla.suse.com/show_bug.cgi?id=1198395	x_transferred
https://github.com/stefanberger/swtpm/releases/tag/v0.5.1	x_transferred

Hyperlink: https://github.com/stefanberger/swtpm/releases/tag/v0.4.2

Resource:

x_transferred

Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=1198395

Resource:

x_transferred

Hyperlink: https://github.com/stefanberger/swtpm/releases/tag/v0.5.1

Resource:

x_transferred

2. CISA ADP Vulnrichment

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:03 Nov, 2023 | 04:15

Updated At:09 Nov, 2023 | 21:42

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.1	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Type: Primary

Version: 3.1

Base score: 7.1

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CPE Matches

swtpm_project>>swtpm>>Versions before 0.4.2(exclusive)

cpe:2.3:a:swtpm_project:swtpm:*:*:*:*:*:*:*:*

swtpm_project>>swtpm>>0.5.0

cpe:2.3:a:swtpm_project:swtpm:0.5.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-59	Primary	nvd@nist.gov

CWE ID: CWE-59

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://bugzilla.suse.com/show_bug.cgi?id=1198395	cve@mitre.org	Issue Tracking Patch Third Party Advisory
https://github.com/stefanberger/swtpm/releases/tag/v0.4.2	cve@mitre.org	Release Notes
https://github.com/stefanberger/swtpm/releases/tag/v0.5.1	cve@mitre.org	Release Notes

Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=1198395

Source: cve@mitre.org

Resource:

Issue Tracking

Patch

Third Party Advisory

Hyperlink: https://github.com/stefanberger/swtpm/releases/tag/v0.4.2

Source: cve@mitre.org

Resource:

Release Notes

Hyperlink: https://github.com/stefanberger/swtpm/releases/tag/v0.5.1

Source: cve@mitre.org

Resource:

Release Notes

Similar CVEs

54Records found

CVE-2021-41057

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-7.1||HIGH

EPSS-0.17% / 38.29%

7 Day CHG~0.00%

Published-14 Nov, 2021 | 20:21

Updated-04 Aug, 2024 | 02:59

In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions.

Vendor-wibu n/a Siemens AG Microsoft Corporation

Product-sicam_230 pss_e simatic_pcs_neo simatic_process_historian pss_odms codemeter_runtime windows pss_cape simatic_wincc_oa simatic_information_server simit n/a

CWE ID-CWE-59

Improper Link Resolution Before File Access ('Link Following')

CVE-2021-32000

Matching Score-4

Assigner-SUSE

View Details

Matching Score-4

Assigner-SUSE

CVSS Score-3.2||LOW

EPSS-0.02% / 3.58%

7 Day CHG~0.00%

Published-28 Jul, 2021 | 09:35

Updated-16 Sep, 2024 | 17:48

clone-master-clean-up: dangerous file system operations

A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions. SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions. openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions.

Vendor-openSUSE SUSE

Product-linux_enterprise_server opensuse_factory SUSE Linux Enterprise Server 12 SP3 Factory SUSE Linux Enterprise Server 15 SP1

CWE ID-CWE-59

Improper Link Resolution Before File Access ('Link Following')

CVE-2021-1612

Matching Score-4

Assigner-Cisco Systems, Inc.

View Details

Matching Score-4

Assigner-Cisco Systems, Inc.

CVSS Score-5.5||MEDIUM

EPSS-0.05% / 14.41%

7 Day CHG~0.00%

Published-23 Sep, 2021 | 02:30

Updated-07 Nov, 2024 | 21:51

Cisco IOS XE SD-WAN Software Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on an affected device.

Vendor-Cisco Systems, Inc.

Product-sd-wan Cisco IOS XE SD-WAN Software

CWE ID-CWE-61

UNIX Symbolic Link (Symlink) Following

CWE ID-CWE-59

Improper Link Resolution Before File Access ('Link Following')

CVE-2021-1091

Matching Score-4

Assigner-NVIDIA Corporation

View Details

Matching Score-4

Assigner-NVIDIA Corporation

CVSS Score-7.1||HIGH

EPSS-0.11% / 30.80%

7 Day CHG~0.00%

Published-22 Jul, 2021 | 04:25

Updated-03 Aug, 2024 | 15:55

NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service.

Vendor-NVIDIA Corporation

Product-gpu_display_driver NVIDIA GPU Display Driver

CWE ID-CWE-59

Improper Link Resolution Before File Access ('Link Following')

CVE-2020-28407

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs