VDB
CVE-2020-25697
CVE-2020-25697
PUBLISHED
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.
EPSS 0.05% · 15.4th percentile
Risk Scores
EPSS Score
0.05%
15.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:14.04:LTS | libx11 | *, *, 2:1.6.1-1ubuntu1 |
| Ubuntu:Pro:18.04:LTS | libx11 | 2:1.6.4-3ubuntu0.2, 2:1.6.4-3ubuntu0.3, 2:1.6.4-3ubuntu0.4+esm1 |
| Ubuntu:22.04:LTS | libx11 | 2:1.7.2-2build1, 2:1.7.5-1, 2:1.7.5-1ubuntu0.2 |
| Ubuntu:Pro:16.04:LTS | libx11 | 2:1.6.3-1ubuntu2.2+esm4, 2:1.6.3-1ubuntu2, 2:1.6.3-1ubuntu2.2 |
| Ubuntu:20.04:LTS | libx11 | 0, 2:1.6.9-2, 2:1.6.9-2ubuntu1 |
Timeline
- Nov 10, 2020 CVE Published
- May 27, 2021 EPSS Score
- Jul 29, 2021 EPSS Score
- Sep 28, 2021 EPSS Score
- Nov 29, 2021 EPSS Score
- Jan 29, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 31, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 31, 2022 EPSS Score
- Aug 1, 2022 EPSS Score
- Oct 1, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-25697 third-party-advisory
- https://www.openwall.com/lists/oss-security/2020/11/09/3 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-25697 third-party-advisory