CVE-2024-5290
HIGH
wpa_supplicant - Uncontrolled Search Path Element via Arbitrary Module Loading
Title source: llm
Description
An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpa_supplicant runs as (usually root). Membership in the netdev group or access to the dbus interface of wpa_supplicant allows an unprivileged user to specify an arbitrary path to a module to be loaded by the wpa_supplicant process; other escalation paths might exist.
References (3)
Core References
Exploit, Issue Tracking
https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/2067613
Exploit, Third Party Advisory
https://snyk.io/blog/abusing-ubuntu-root-privilege-escalation/
Vendor Advisory
https://ubuntu.com/security/notices/USN-6945-1
Scores
CVSS v3: 8.8
EPSS: 0.0066
EPSS Percentile: 46.5%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total
Details
CWE: CWE-427
Status: published
Products (1): w1.fi/wpa_supplicant
Published: Aug 07, 2024
Tracked Since: Feb 18, 2026