CVE-2020-10027

High

An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This…

zephyr·CWE-697·Published 2020-05-11

CVSS

7.8

EPSS

0.01

KEV

Exploits

cve.orgen

248 chars

An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

NVDen

248 chars

NVDes

297 chars

Un atacante que ha obtenido una ejecución de código dentro de un subproceso (hilo) de usuario es capaz de elevar los privilegios a los del kernel. Consulte NCC-ZEP-001. Este problema afecta a: zephyrproject-rtos zephyr versión 1.14.0 y versiones posteriores. Versión 2.1.0 y versiones posteriores.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.2	3.9	10.0	AV:L/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H