CVE-2020-13599
LOWZephyr < 1.14.2 - Incorrect Default Permissions in Settings and LittleFS
Title source: llmDescription
Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q
Not Applicable, Third Party Advisory x_refsource_misc
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1199
Scores
CVSS v3
3.3
EPSS
0.0023
EPSS Percentile
13.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Details
CWE
CWE-276
Status
published
Products (1)
zephyrproject/zephyr
< 1.14.2
Published
May 25, 2021
Tracked Since
Feb 18, 2026