CVE-2019-12999

HIGH

Lightning Network Daemon <0.7 - Privilege Escalation

Title source: llm

Description

Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control.

Exploits (1)

nomisec SCANNER 10 stars
by lightninglabs · poc
https://github.com/lightninglabs/chanleakcheck

References (3)

Scores

CVSS v3 7.5
EPSS 0.0082
EPSS Percentile 74.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

Status published
Products (2)
lightning/network_daemon < 0.7
lightningnetwork/lnd 0 - 0.7.1-betaGo
Published Jan 31, 2020
Tracked Since Feb 18, 2026