// For flags

CVE-2023-1523

 

Severity Score

10.0
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.

Utilizando la petición IOCTL de TIOCLINUX, un snap malicoso podría inyectar contenido en la entrada del terminal de control, lo que podría permitir que se ejecutaran comandos arbitrarios fuera del sandbox del snap después de que éste saliera. Los emuladores gráficos de terminal como xterm, gnome-terminal y otros no se ven afectados. Esto sólo puede ser explotado cuando los snaps se ejecutan en una consola virtual.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
Poc
Automatable
Yes
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2023-03-20 CVE Reserved
  • 2023-05-31 CVE Published
  • 2024-09-07 EPSS Updated
  • 2024-10-01 CVE Updated
  • 2024-10-01 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Canonical
Search vendor "Canonical"
Snapd
Search vendor "Canonical" for product "Snapd"
< 2.59.5
Search vendor "Canonical" for product "Snapd" and version " < 2.59.5"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
16.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04"
esm
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
18.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04"
esm
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
20.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "20.04"
lts
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
22.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "22.04"
lts
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
22.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "22.10"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
23.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "23.04"
-
Affected