Time-of-Check Time-of-Use Vulnerability in RAUC Update Client by Pengutronix
CVE-2020-25860

6.6MEDIUM

Key Information:

Vendor: Pengutronix
Status: Pengutronix Rauc
Vendor: CVE Published:; 21 December 2020

🔔 Create Pengutronix Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2020-25860?

The RAUC update client developed by Pengutronix is susceptible to a Time-of-Check Time-of-Use (TOCTOU) vulnerability. This occurs when signature verification on an update file is performed before the file is reopened for installation. An attacker with access to modify the update file just before installation can exploit this flaw to run arbitrary code on the affected device, potentially compromising its integrity and security.

Affected Version(s)

Pengutronix RAUC All versions before 1.5

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

rauc-1.5-integration
Created by rauc

References

https://github.com/rauc/rauc/security/advisories/GHSA-cgf...

x_refsource_MISC

https://www.vdoo.com/blog/cve-2020-25860-significant-vuln...

x_refsource_MISC

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 21, 2020
🟡
Public PoC available
Nov 30, 2020
👾
Exploit known to exist
Nov 30, 2020
Vulnerability Reserved
Sep 23, 2020