glib gdbus setgid PrivEsc via D-Bus: CVE-2020-11936 January 2025

CVE-2020-11936 is exploitable with network access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. Public availability of a proof of concept (POC) exploit exists for CVE-2020-11936. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Attack Vector:

NETWORK

Attack Complexity:

HIGH

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

NONE

Availability Impact:

NONE

Products Associated with CVE-2020-11936

Want to know whenever a new CVE is published for GNOME Glib? stack.watch will email you.

Affected Versions

Exploit Probability

EPSS

0.09%

Percentile

24.96%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

glib gdbus setgid PrivEsc via D-Bus
CVE-2020-11936 Published on January 31, 2025

Vulnerability Analysis

Products Associated with CVE-2020-11936

Affected Versions

Exploit Probability

glib gdbus setgid PrivEsc via D-BusCVE-2020-11936 Published on January 31, 2025

Vulnerability Analysis

Products Associated with CVE-2020-11936

Affected Versions

Exploit Probability

glib gdbus setgid PrivEsc via D-Bus
CVE-2020-11936 Published on January 31, 2025