What is the CVSS score of CVE-2025-54288?

CVE-2025-54288 has a CVSS 3.1 base score of 6.8 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N. EPSS exploitation probability: 0.1%.

Which versions of Ubuntu are affected by CVE-2025-54288?

Organizations using devLXD Server in Canonical LXD should be aware of notable risk from CVE-2025-54288 rated CVSS 6.8. Exploitation could compromise the security of affected deployments.. A patch is available.

Is there a public PoC exploit available for CVE-2025-54288?

Yes, a public proof-of-concept exploit is available for CVE-2025-54288. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2025-54288?

Within 30 days: Identify affected systems running devLXD Server in Canonical LXD and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Ubuntu CVE-2025-54288

EUVD-2025-32637 MEDIUM

Authentication Bypass by Spoofing (CWE-290)

2025-10-02 security@ubuntu.com

GHSA-7232-97c6-j525

Authentication Bypass Ubuntu Debian Lxd Suse

6.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

6.8 MEDIUM

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Ubuntu

MEDIUM

qualitative

SUSE

MEDIUM

qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

EUVD ID Assigned

Mar 13, 2026 - 19:12 euvd

EUVD-2025-32637

Analysis Generated

Mar 13, 2026 - 19:12 vuln.today

PoC Detected

Oct 24, 2025 - 14:44 vuln.today

Public exploit code

CVE Published

Oct 02, 2025 - 10:15 nvd

MEDIUM 6.8

DescriptionCVE.org

Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the command line.

Analysis

Technical ContextAI

An authentication bypass vulnerability allows attackers to circumvent login mechanisms and gain unauthorized access without valid credentials. This vulnerability is classified as Authentication Bypass by Spoofing (CWE-290).

RemediationAI

Implement robust authentication mechanisms. Use multi-factor authentication. Review authentication logic for bypass conditions. Remove default credentials.

Vendor StatusVendor

Ubuntu

Priority: Medium

lxd

Release	Status	Version
plucky	DNE	-
upstream	needs-triage	-
xenial	needs-triage	-
bionic	needs-triage	-
focal	needs-triage	-
jammy	DNE	-
noble	DNE	-
questing	DNE	-

Debian

incus

Release	Status	Fixed Version	Urgency
trixie	fixed	6.0.4-2+deb13u1	-
trixie (security)	fixed	6.0.4-2+deb13u4	-
forky, sid	fixed	6.0.5-8	-
(unstable)	fixed	6.0.5-1	-

lxd

Release	Status	Fixed Version	Urgency
bookworm	fixed	5.0.2-5+deb12u1	-
bookworm (security)	fixed	5.0.2-5+deb12u3	-
trixie	fixed	5.0.2+git20231211.1364ae4-9+deb13u1	-
trixie (security)	fixed	5.0.2+git20231211.1364ae4-9+deb13u3	-
(unstable)	fixed	(unfixed)	-

DSA-6027-1 DSA-6028-1

SUSE

Severity: Medium

Product	Status
openSUSE Tumbleweed	Fixed

CVE-2025-54288 vulnerability details – vuln.today

Back

Ubuntu CVE-2025-54288

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

Analysis

Technical ContextAI

RemediationAI

Vendor StatusVendor

Ubuntu

Debian

SUSE

Share

External POC / Exploit Code