CVE-2025-66003

Vulnerability Description

An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5.

Related Weaknesses (CWE)

CWE-73

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66003
https://security.opensuse.org/2025/12/10/smb4k-major-issues-in-kauth-helper.html

FAQ

What is CVE-2025-66003?

CVE-2025-66003 is a documented vulnerability. An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThi...

How severe is CVE-2025-66003?

CVSS scoring is not yet available for CVE-2025-66003. Check NVD for updates.

Is there a patch for CVE-2025-66003?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.