CVE-2025-23395 – Screen Root Privilege Escalation Vulnerability

CVE ID : CVE-2025-23395

Published : May 26, 2025, 4:15 p.m. | 1 hour, 16 minutes ago

Description : Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user’s (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…