CVE-2023-30630

dmidecode: dump-bin to overwrite a local file

Severity Score

7.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly).

A vulnerability was found in dmidecode, which allows -dump-bin to overwrite a local file. This issue may lead to the execution of dmidecode via Sudo.

Multicluster Engine for Kubernetes 2.3.2 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-04-13 CVE Reserved
2023-04-13 CVE Published
2025-03-04 CVE Updated
2025-03-04 First Exploit
2025-04-15 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-23: Relative Path Traversal
CWE-269: Improper Privilege Management

CAPEC

References (6)

URL	Tag	Source
https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=6ca381c1247c81f74e1ca4e7706f70bdda72e6f2	Not Applicable
https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=d8cfbc808f387e87091c25e7d5b8c2bb348bb206	Not Applicable

URL	Date	SRC
https://github.com/adamreiser/dmiwrite	2025-03-04

URL	Date	SRC
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-03/msg00003.html	2023-09-28

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2023-30630	2023-09-19
https://bugzilla.redhat.com/show_bug.cgi?id=2186669	2023-09-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Nongnu Search vendor "Nongnu"		Dmidecode Search vendor "Nongnu" for product "Dmidecode"				< 3.5 Search vendor "Nongnu" for product "Dmidecode" and version " < 3.5"		-		Affected