CVE-2025-3364

Published: Apr 8, 2025Modified: Apr 8, 2025

6.7

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: twcert@cert.org.tw (Secondary)

Description

The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system.

Related CWEs

CWE-250

Execution with Unnecessary Privileges

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

References (2)

https://www.twcert.org.tw/en/cp-139-10058-fce0b-2.html

Source: twcert@cert.org.tw

https://www.twcert.org.tw/tw/cp-132-10057-58c05-1.html

Source: twcert@cert.org.tw

Timeline

No history available yet.