Privilege Escalation in Canonical LXD 6.5
CVE-2025-54289
7.4 HIGH
What is CVE-2025-54289?
A privilege escalation vulnerability exists in the operations API of Canonical LXD version 6.5 across multiple platforms. An attacker holding only read permissions can hijack the WebSocket connection of a terminal or console session and take control of that session. Commands executed through the hijacked session give the attacker unauthorized access and expose information, compromising the security integrity of the system.
Affected Version(s)
LXD 6 < 6.5
LXD 5.21 < 5.21.4
References
CVSS V4
Score: 7.4
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: High
Attack Required: Physical
Privileges Required: Undefined
User Interaction: Unknown
Timeline
Vulnerability published
Vulnerability Reserved
