Vulnerability Description
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| X.Org | X Server | - |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2020/11/09/3Mailing ListThird Party Advisory
- http://www.openwall.com/lists/oss-security/2020/11/09/3Mailing ListThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1895295Issue TrackingThird Party Advisory
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430
- https://seclists.org/oss-sec/2020/q4/105Mailing ListThird Party Advisory
- http://www.openwall.com/lists/oss-security/2020/11/09/3Mailing ListThird Party Advisory
- http://www.openwall.com/lists/oss-security/2020/11/09/3Mailing ListThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1895295Issue TrackingThird Party Advisory
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430
- https://seclists.org/oss-sec/2020/q4/105Mailing ListThird Party Advisory
FAQ
What is CVE-2020-25697?
CVE-2020-25697 is a vulnerability with a CVSS score of 7.0 (HIGH). A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the serv...
How severe is CVE-2020-25697?
CVE-2020-25697 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-25697?
Check the references section above for vendor advisories and patch information. Affected products include: X.Org X Server.