ID:11121 - Exploit for UNIX symbolic link following in cups - CVE-2024-35235

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:11121 - Exploit for UNIX symbolic link following in cups - CVE-2024-35235

ID:11121 - Exploit for UNIX symbolic link following in cups - CVE-2024-35235

Published: February 7, 2025


Vulnerability identifier: #VU92075
Vulnerability risk: Low
CVE-ID: CVE-2024-35235
CWE-ID: CWE-61
Exploitation vector: Local access
Vulnerable software:
cups

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue. A local user can create a specially crafted symbolic link to a critical file on the system and make it world-writable.

Successful exploitation of this vulnerability may result in privilege escalation.


Remediation

Install updates from vendor's website.