What is the CVSS score of EUVD-2025-20670?

EUVD-2025-20670 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Ubuntu are affected by EUVD-2025-20670?

CVE-2025-53513 presents significant security risk rated CVSS 8.8. Successful exploitation could significantly impact the confidentiality, integrity, or availability of affected systems.. A patch is available.

Is there a public PoC exploit available for EUVD-2025-20670?

Yes, a public proof-of-concept exploit is available for EUVD-2025-20670. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate EUVD-2025-20670?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

Ubuntu EUVD-2025-20670

| CVE-2025-53513 HIGH

Path Traversal: '../filedir' (CWE-24)

2025-07-08 security@ubuntu.com

GHSA-24ch-w38v-xmh8

Information Disclosure Ubuntu Debian Juju Suse

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ubuntu

HIGH

qualitative

SUSE

HIGH

qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

EUVD ID Assigned

Mar 16, 2026 - 04:21 euvd

EUVD-2025-20670

Analysis Generated

Mar 16, 2026 - 04:21 vuln.today

PoC Detected

Jan 08, 2026 - 11:51 vuln.today

Public exploit code

CVE Published

Jul 08, 2025 - 17:16 nvd

HIGH 8.8

DescriptionCVE.org

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm.

Analysis

Technical ContextAI

Unrestricted file upload allows attackers to upload malicious files (web shells, executables) that can then be executed on the server.

RemediationAI

Validate file types by content (magic bytes), not just extension. Store uploads outside the web root. Use random filenames. Scan uploads for malware.

Vendor StatusVendor

Ubuntu

Priority: High

juju

Release	Status	Version
jammy	DNE	-
noble	DNE	-
plucky	DNE	-
upstream	released	2.9.52, 3.6.8

Debian

juju

Release	Status	Fixed Version	Urgency
(unstable)	fixed	(unfixed)	-

SUSE

Severity: High

Product	Status
SUSE Linux Enterprise Server 16.0	Fixed
openSUSE Tumbleweed	Fixed
SUSE Linux Enterprise Server 16.1	Fixed
SUSE Linux Enterprise Server for SAP applications 16.1	Fixed

EUVD-2025-20670 vulnerability details – vuln.today

Back

Ubuntu EUVD-2025-20670

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

Analysis

Technical ContextAI

RemediationAI

Vendor StatusVendor

Ubuntu

Debian

SUSE

Share

External POC / Exploit Code