Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component
AnalysisAI
A privilege escalation vulnerability exists in osslsigncode (mtrojnar) versions 2.10 and earlier within the osslsigncode.c component, allowing remote attackers to escalate privileges. The vulnerability affects users of the osslsigncode code signing utility. While CVSS scoring is not yet available, referenced GitHub issues and pull requests suggest this is an authenticated or context-dependent issue that has been identified and likely patched.
Technical ContextAI
osslsigncode is a tool used for digitally signing code using OpenSSL, commonly deployed in cross-platform build and release environments. The vulnerability resides in the osslsigncode.c component, which handles the core signing logic. Without a specific CWE classification provided, the privilege escalation likely stems from improper input validation, insecure file operations, or unsafe handling of certificate/signature data within the signing process. The tool is widely used in open-source and commercial software supply chains for Windows Authenticode signing on non-Windows platforms. The affected CPE indicates the broader osslsigncode product line (cpe:2.3:a:n/a:n/a:*:*:*:*:*:*:*:*), though the vendor is mtrojnar per the GitHub repository evidence.
RemediationAI
Upgrade osslsigncode to version 2.11 or later; the patch is available in the mtrojnar GitHub repository (https://github.com/mtrojnar/osslsigncode/pull/477). Organizations using osslsigncode in automated build pipelines should apply the patch immediately and validate signing workflows post-update. Until patching is feasible, restrict osslsigncode execution to sandboxed or isolated build environments with minimal privilege escalation surface and disable unnecessary file system or network access. Code signing operations should run under a dedicated unprivileged service account with no system-level privileges to limit escalation impact.
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allVendor StatusVendor
SUSE
Severity: Critical| Product | Status |
|---|---|
| SUSE Package Hub 15 SP6 | Fixed |
| openSUSE Leap 15.6 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Package Hub 15 SP6 | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-209012
GHSA-m387-6h4v-93hp