Eternal Terminal
CVE-2022-24951
HIGH
Severity by source
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A race condition exists in Eternal Terminal prior to version 6.2.0 which allows a local attacker to hijack Eternal Terminal's IPC socket, enabling access to Eternal Terminal clients which attempt to connect in the future.
AnalysisAI
A race condition exists in Eternal Terminal prior to version 6.2.0 which allows a local attacker to hijack Eternal Terminal's IPC socket, enabling access to Eternal Terminal clients which attempt to. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-362. A race condition exists in Eternal Terminal prior to version 6.2.0 which allows a local attacker to hijack Eternal Terminal's IPC socket, enabling access to Eternal Terminal clients which attempt to connect in the future. Affected products include: Eternal Terminal Project Eternal Terminal. Version information: version 6.2.0.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Eternal Terminal
View allA race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other
A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. Rated high severity (CVSS 7.5), this v
Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered re
In Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. Rated medium severity (CVSS 6.3). Public exploit c
Same weakness CWE-362 – Race Condition
View allSame technique Race Condition
View allShare
External POC / Exploit Code
Leaving vuln.today