Lucene search
+L

5 matches found

nessus
nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2020-28407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as...

7.1CVSS7.4AI score0.00279EPSS
Exploits0References2
nessus
nessus
added 2024/06/03 12:0 a.m.17 views

RHEL 8 : 8.2_swtpm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - swtpm: symlink issue may lead to privilege escalation CVE-2020-28407 Note that Nessus has not tested for this issue...

7.1CVSS7.2AI score0.00279EPSS
Exploits0References1
nessus
nessus
added 2024/05/11 12:0 a.m.31 views

RHEL 8 : swtpm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - swtpm: symlink issue may lead to privilege escalation CVE-2020-28407 - swtpm: Unchecked header size...

7.6AI score0.00404EPSS
Exploits0References2
cve
cve
added 2023/11/03 12:0 a.m.76 views

CVE-2020-28407

CVE-2020-28407 affects the TPM emulator product swtpm (versions before 0.4.2 and 0.5.x before 0.5.1). A local attacker can overwrite arbitrary files via a symlink attack against a temporary file (e.g., TMP2-00.permall). The issue is achievable with local access and does not require user interacti...

7.1CVSS6.6AI score0.00279EPSS
Exploits0References3Affected Software1
archlinux
archlinux
added 2020/11/19 12:0 a.m.134 views

[ASA-202011-21] swtpm: privilege escalation

Arch Linux Security Advisory ASA-202011-21 ========================================== Severity: Medium Date : 2020-11-19 CVE-ID : CVE-2020-28407 Package : swtpm Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1282 Summary ======= The package swtpm before version...

7.1CVSS1.1AI score0.00279EPSS
Exploits0References9
Rows per page
Query Builder