Linux Distros Unpatched Vulnerability : CVE-2020-10289

🗓️ 27 Aug 2025 00:00:00Reported by TenableType

Unpatched CVE-2020-10289 in robot operating system actionlib enables remote code execution via unsafe YAML loading.

Reporter	Title	Published	Views	Family All 13
CVE	CVE-2020-10289	20 Aug 202008:05	–	cve
Cvelist	CVE-2020-10289 RVD#2401: Use of unsafe yaml load, ./src/actionlib/tools/library.py:132	20 Aug 202008:05	–	cvelist
Debian	[SECURITY] [DLA 2357-1] ros-actionlib security update	30 Aug 202017:00	–	debian
Debian CVE	CVE-2020-10289	20 Aug 202008:05	–	debiancve
Tenable Nessus	Debian DLA-2357-1 : ros-actionlib security update	31 Aug 202000:00	–	nessus
EUVD	EUVD-2020-2744	7 Oct 202500:30	–	euvd
NVD	CVE-2020-10289	20 Aug 202008:15	–	nvd
OpenVAS	Debian: Security Advisory (DLA-2357-1)	31 Aug 202000:00	–	openvas
OSV	DEBIAN-CVE-2020-10289	20 Aug 202008:15	–	osv
OSV	DLA-2357-1 ros-actionlib - security update	30 Aug 202000:00	–	osv

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2020-10289
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(256495);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/27");

  script_cve_id("CVE-2020-10289");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2020-10289");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe
    parsing of YAML values which happens whenever an action message is processed to be sent, and allows for
    the creation of Python objects. Through this flaw in the ROS core package of actionlib, an attacker with
    local or remote access can make the ROS Master, execute arbitrary code in Python form. Consider
    yaml.safe_load() instead. Located first in actionlib/tools/library.py:132. See links for more info on the
    bug. (CVE-2020-10289)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2020-10289");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-10289");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/08/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ros-actionlib");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04", "Host/OS/Ubuntu Linux-20.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "ros-actionlib"}
        ]
      }
    ]
  },
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "ros-actionlib"}
        ]
      }
    ]
  },
  "Ubuntu Linux-18.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "18.04",
        "pkgs": [
          {"reference": "ros-actionlib"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

27 Aug 2025 00:00Current

8.1High risk

Vulners AI Score8.1

CVSS 26.5

CVSS 3.18.8

CVSS 38

EPSS0.00802