Privilege Escalation Vulnerability in Xorg-x11-server by Vendor X
CVE-2020-25697

7HIGH

Key Information:

Vendor: X.org
Status: Xorg-x11-server
Vendor: CVE Published:; 26 May 2021

What is CVE-2020-25697?

A privilege escalation flaw has been identified in Xorg-x11-server, stemming from the lack of mutual authentication for X11 clients. This weakness enables a malicious actor to impersonate the intended server, subsequently gaining unauthorized control over X applications. Hence, it is crucial for users and administrators to implement effective security measures to mitigate the risk associated with this vulnerability.

Affected Version(s)

xorg-x11-server All

References

http://www.openwall.com/lists/oss-security/2020/11/09/3

mailing-listx_refsource_MLIST

https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4...

mailing-listx_refsource_MLIST

https://seclists.org/oss-sec/2020/q4/105

x_refsource_MISC

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2021
Vulnerability Reserved
Sep 16, 2020

X.org

What is CVE-2020-25697?

Affected Version(s)

References

CVSS V3.1

Timeline