CVE-2016-15045

HIGH

lastore-daemon <0.9.66-1 - Privilege Escalation

Exploitation Summary

EIP tracks 3 public exploits for CVE-2016-15045. PoCs were published by Metasploit, King's Way, and King, including the Metasploit module exploits/linux/local/lastore_daemon_dbus_priv_esc.

AI-analyzed exploit summary: This Metasploit module exploits a D-Bus privilege escalation vulnerability in lastore-daemon on Deepin Linux, allowing users in the sudo group to install arbitrary packages without a password, leading to root code execution.

Description

A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux (developed by Wuhan Deepin Technology Co., Ltd.). In versions 0.9.53-1 (Deepin 15.5) and 0.9.66-1 (Deepin 15.7), the D-Bus configuration permits any user in the sudo group to invoke the InstallPackage method without password authentication. By default, the first user created on Deepin is in the sudo group. An attacker with shell access can craft a .deb package containing a malicious post-install script and use dbus-send to install it via lastore-daemon, resulting in arbitrary code execution as root.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · local · linux
https://www.exploit-db.com/exploits/44523

This Metasploit module exploits a D-Bus privilege escalation vulnerability in lastore-daemon on Deepin Linux, allowing users in the sudo group to install arbitrary packages without a password, leading to root code execution.

Classification: Working PoC 100%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: lastore-daemon 0.9.53-1 on Deepin Linux 15.5
Auth required
Prerequisites: User must be in the sudo group · lastore-daemon, dpkg-deb, and dbus-send must be installed
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by King's Way · python · local · linux
https://www.exploit-db.com/exploits/39433

This exploit leverages a D-Bus interface in lastore-daemon on Deepin Linux 15/15.1 to install a malicious .deb package, achieving local privilege escalation. The PoC includes a pre-built malicious package with a SUID binary to gain root access.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: lastore-daemon on Deepin Linux 15 & 15.1
No auth needed
Prerequisites: Local access to a Deepin Linux 15/15.1 system · lastore-daemon running with root privileges
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC EXCELLENT
by King · ruby · poc · linux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/lastore_daemon_dbus_priv_esc.rb

This Metasploit module exploits a D-Bus privilege escalation vulnerability in lastore-daemon on Deepin Linux, allowing users in the sudo group to install arbitrary packages without a password, leading to root code execution.

Classification: Working PoC 100%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: lastore-daemon (versions 0.9.53-1, 0.9.66-1) on Deepin Linux 15.5/15.7
Auth required
Prerequisites: User must be in the sudo group · lastore-daemon, dpkg-deb, and dbus-send must be installed
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v4: 8.5
EPSS: 0.0303
EPSS Percentile: 87.0%
Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-269, CWE-306
Status: published
Products (2):
Wuhan Deepin Technology Co., Ltd./Deepin Linux 0.9.53-1 (Deepin 15.5)
Wuhan Deepin Technology Co., Ltd./Deepin Linux 0.9.66-1 (Deepin 15.7)
Published: Jul 23, 2025
Tracked Since: Feb 18, 2026