| Title | KylinSoft kylin-system-updater ≤ 2.0.5.16-0k2.33 local privilege escalation |
|---|
| Description | A local privilege escalation vulnerability exists in Kylin OS within the dbus functionality, specifically in the SetDownloadspeedMax function of the com.kylin.systemupgrade service. An attacker can exploit this vulnerability to elevate their privileges on the affected system from a regular user to a system administrator. |
|---|
| Source | ⚠️ https://note.zhaoj.in/share/L1hGe9BDlbnt |
|---|
| User | glzjin (UID 59815) |
|---|
| Submission | 12/15/2023 18:56 (2 years ago) |
|---|
| Moderation | 12/24/2023 09:04 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 248940 [KylinSoft kylin-system-updater up to 2.0.5.16-0k2.33 com.kylin.systemupgrade Service UpgradeStrategiesDbus.py SetDownloadspeedMax os command injection] |
|---|
| Points | 18 |
|---|