CVE-2020-25860

EUVD-2020-18493
The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation. An attacker who can modify the update file just before it is reopened can install arbitrary code on the device.
TOCTOU
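The check-to-use gap the description refers to, as an added C example that is not RAUC's code: verification by path followed by a second open of the same path, beside the hardened shape in which verification and installation share one descriptor. The marker-based signature check, the bundle path under /tmp and the file-replacement fixture are constructed stand-ins, and the return codes are this example's own convention.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
/* Constructed stand-in for signature verification (not RAUC's code): a
 * bundle counts as signed when it begins with the marker "SIGNED:". */
static int verify_fd(int fd) {
    char m[7];
    return lseek(fd, 0, SEEK_SET) == 0 && read(fd, m, 7) == 7 &&
           memcmp(m, "SIGNED:", 7) == 0;
}
/* Vulnerable shape of the pre-1.5 flaw: verify by path, drop the fd, reopen
 * by path. 'race' stands for whatever happens to the path in between.
 * Returns -1 refused, 0 installed unverified data, 1 installed verified data. */
int install_reopen(const char *path, void (*race)(const char *)) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    int ok = verify_fd(fd);
    close(fd);                   /* the check is now detached from any inode */
    if (!ok) return -1;
    race(path);                  /* check-to-use window */
    fd = open(path, O_RDONLY);   /* may resolve to a different file */
    if (fd < 0) return -1;
    int r = verify_fd(fd);       /* re-read what the install would consume */
    close(fd); return r;
}
/* Hardened shape: open once, verify and install through the same descriptor,
 * so the inode the signature covered is the inode that gets installed. */
int install_same_fd(const char *path, void (*race)(const char *)) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    if (!verify_fd(fd)) { close(fd); return -1; }
    race(path);                  /* replacing the path no longer matters */
    int r = verify_fd(fd);
    close(fd); return r;
}
static void swap_in_unsigned(const char *path) { /* fixture: atomic replace */
    char tmp[256];
    snprintf(tmp, sizeof tmp, "%s.tmp", path);
    FILE *f = fopen(tmp, "w");
    if (f) { fputs("UNSIGNED data", f); fclose(f); rename(tmp, path); }
}
int run_scenario(int hardened) { /* signed bundle at a constructed path */
    const char *path = "/tmp/cve-2020-25860-demo.raucb";
    FILE *f = fopen(path, "w");
    if (f) { fputs("SIGNED:demo bundle", f); fclose(f); } else return -2;
    int r = (hardened ? install_same_fd : install_reopen)(path, swap_in_unsigned);
    unlink(path); return r;
}
```

With the replacement happening inside the window, the reopen variant installs the unsigned data while the single-descriptor variant still installs the file the signature covered.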
Provider  Type     Base Score (CVSS 3.x)  Atk. Vector  Atk. Complexity  Priv. Required  Vector
NIST      Primary  6.6 MEDIUM             NETWORK      HIGH             HIGH            CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score: percentile 65%
Affected Products (NVD)
Vendor       Product  Version
pengutronix  rauc     x < 1.5
x = vulnerable software versions
Debian Releases
Product  Codename  Version  Status
rauc     bookworm  1.8-2    fixed
rauc     bullseye  1.5.1-1  fixed
rauc     sid       1.12-1   fixed
rauc     trixie    1.12-1   fixed
Ubuntu Releases
Product  Codename  Status
rauc     bionic    dne
rauc     focal     needs-triage
rauc     groovy    ignored
rauc     hirsute   ignored
rauc     impish    ignored
rauc     jammy     needs-triage
rauc     kinetic   ignored
rauc     lunar     not-affected
rauc     mantic    not-affected
rauc     noble     not-affected
rauc     trusty    dne
rauc     xenial    dne