First published: Tue Aug 22 2023(Updated: )
An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Kernel Util-linux | <2.27 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-21583 is a vulnerability in hwclock.13-v2.27 that allows attackers to gain escalated privileges or execute arbitrary commands via the path parameter when setting the date.
CVE-2020-21583 has a severity rating of medium, with a CVSS score of 6.7.
CVE-2020-21583 can be exploited by attackers through the path parameter when setting the date using hwclock.13-v2.27, allowing them to gain escalated privileges or execute arbitrary commands.
Yes, Kernel Util-linux up to version 2.27 is affected by CVE-2020-21583.
More information about CVE-2020-21583 can be found at the following references: [Link 1](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786804), [Link 2](https://packetstormsecurity.com/files/132061/hwclock-Privilege-Escalation.html)