Skip to main content

Linux CVE-2024-13090

| EUVDEUVD-2024-54661 HIGH
Execution with Unnecessary Privileges (CWE-250)
2025-06-10 prodsec@nozominetworks.com
7.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.0 HIGH
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:43 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
24.6.0
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2024-54661
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
CVE Published
Jun 10, 2025 - 11:15 nvd
HIGH 7.0

DescriptionCVE.org

A privilege escalation vulnerability may enable a service account to elevate its privileges.

The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account.

It is important to note that no such vector has been identified in this instance.

AnalysisAI

Privilege escalation vulnerability affecting service accounts through excessively permissive sudo rules that could allow elevation to administrative privileges. The vulnerability requires local access and lower privileges to exploit (CVSS 7.0), but notably, no actual exploitation vector has been identified in the wild. While the CVSS score indicates high impact potential, the absence of a confirmed attack vector and lack of active exploitation signals suggest this is a configuration hardening issue rather than an immediately critical threat.

Technical ContextAI

This vulnerability stems from CWE-250 (Execution with Unnecessary Privileges), a root cause class where applications or system configurations grant excessive permissions beyond what is functionally required. The specific manifestation involves sudo rule misconfigurations that allow a service account (a non-interactive account typically used for application or daemon execution) to execute commands with administrative (root) privileges. Sudo rules define which users can execute which commands as other users without passwords; when these rules are overly broad, they create a privilege escalation pathway. The attack surface is local-only, requiring an attacker to either compromise the service account or be able to execute code within that account's context. This typically affects Unix/Linux systems where sudo is the standard privilege escalation mechanism.

RemediationAI

  1. Audit all sudo rules for service accounts by executing 'sudo -l' as each service account and reviewing sudoers file entries (/etc/sudoers and /etc/sudoers.d/). 2. Apply principle of least privilege: restrict sudo rules to only the specific commands required for each service account's function, using absolute paths and avoiding wildcards or ALL commands. 3. Use sudo command aliases and parameter restrictions to limit what can be executed. 4. Implement sudo logging and auditing (Defaults log_output, Defaults use_pty) to detect abuse. 5. Consider using alternative mechanisms like capabilities (setcap) or AppArmor/SELinux profiles instead of broad sudo rules where applicable. 6. If vendor-specific guidance is available (check with your service account/application vendor), follow their hardening recommendations. No patch version information is available, as this appears to be a configuration issue rather than a software bug requiring code patches.

Share

CVE-2024-13090 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy