CVE-2020-11933 HIGH

CVE-2020-11933: local snapd exploit through cloud-init

Vendor Canonical

Product snapd

Weakness CWE-264

Published July 29, 2020

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

7.3/10

Attack vector Physical

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

What the vulnerability does

01Description

cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659.

Key dates

02Disclosure timeline

July 29, 2020 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-11933

Related vulnerabilities

Identifiers

CVE CVE-2020-11933

CWE CWE-264

CVSS 7.3 / HIGH

Affected versions

Vendor Canonical

Product snapd

Affected ≥ 2.45.2 and < 2.45.2, revision 8539

Vendor Canonical

Product core

Affected ≥ 2.45.2 and < 2.45.2, revision 9659

CVE-2020-11933: local snapd exploit through cloud-init

01Description

02Disclosure timeline

03References

04Related CVE