CVE-2025-0781 – FSFlight Tracker Nasal Privilege Escalation RCE

The following table lists the changes that have been made to the CVE-2025-0781 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Jan. 29, 2025

    Action Type Old Value New Value
    Added Reference https://lists.debian.org/debian-lts-announce/2025/01/msg00028.html
  • New CVE Received by [email protected]

    Jan. 28, 2025

    Action Type Old Value New Value
    Added Description An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level.
    Added CVSS V3.1 AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
    Added CWE CWE-863
    Added Reference https://gitlab.com/flightgear/flightgear/-/commit/ad37afce28083fad7f79467b3ffdead753584358
    Added Reference https://gitlab.com/flightgear/flightgear/-/issues/3025
    Added Reference https://gitlab.com/flightgear/simgear/-/commit/5bb023647114267141a7610e8f1ca7d6f4f5a5a8

نوشته های مشابه

CVE-2024-37358 – Apache James IMAP Denial of Service Vulnerability

CVE-2025-20094 – Microsoft Defense Platform Windows RCE (Shatter)

CVE-2025-23236 – Cisco Defense Platform Home Edition Buffer Overflow Elevates Privileges

CVE-2024-51547 – ABB ASPECT-Enterprise/NEXUS Series/MATRIX Series Hard-coded Credentials Vulnerability