What is CVE-2020-25717?

CVE-2020-25717 is a high-severity vulnerability in Samba, classified under Improper Input Validation. CVSS score: 8.1/10. Published 2022-02-18.

How severe is CVE-2020-25717?

High severity. CVSS v3 base score is 8.1 out of 10.

Is CVE-2020-25717 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Samba

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.016 (72.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N.

Affected products

Samba
Canonical Ubuntu_linux — versions 18.04, 20.04, 21.04
Debian Debian_linux — versions 9.0, 10.0
Fedoraproject Fedora — versions 33, 34, 35
Redhat Codeready_linux_builder
Redhat Enterprise_linux — versions 7.0, 8.0
Redhat Enterprise_linux_desktop — versions 7.0
Redhat Enterprise_linux_eus — versions 8.2, 8.4
Redhat Enterprise_linux_for_ibm_z_systems — versions 7.0, 8.0
Redhat Enterprise_linux_for_ibm_z_systems_eus — versions 8.2, 8.4

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

jirib/notes

References

secalert@redhat.com (Patch, Third Party Advisory, Issue Tracking)
secalert@redhat.com (Mitigation, Vendor Advisory)
secalert@redhat.com (vendor-advisory)

Frequently asked questions

What is CVE-2020-25717?: CVE-2020-25717 is a high-severity vulnerability in Samba, classified under Improper Input Validation. CVSS score: 8.1/10. Published 2022-02-18.
How severe is CVE-2020-25717?: High severity. CVSS v3 base score is 8.1 out of 10.
Is CVE-2020-25717 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.