Privilege Escalation in Canonical LXD 6.5
CVE-2025-54289

7.4 HIGH

Key Information:

Vendor: Canonical

Status: Vendor

CVE Published: 2 October 2025

What is CVE-2025-54289?

A privilege escalation vulnerability exists in the operations API of Canonical LXD version 6.5 across multiple platforms. The flaw allows an attacker who holds only read permissions to hijack WebSocket connections, potentially taking control of terminal or console sessions. By executing arbitrary commands through a hijacked session, the attacker may gain unauthorized access and expose information, compromising the integrity of the system.

Affected Version(s)

LXD 6.x, versions prior to 6.5

LXD 5.21.x, versions prior to 5.21.4


CVSS V4

  • Score: 7.4
  • Severity: HIGH
  • Confidentiality: High
  • Integrity: High
  • Availability: None
  • Attack Vector: Network
  • Attack Complexity: High
  • Attack Required: Physical
  • Privileges Required: Undefined
  • User Interaction: Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved
