rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00791Percentile:
0.72928
CVSS Scoring
CVSS v2 Score: 2.1
Severity:
Mapped CWE(s)
CWE-269
: Improper Privilege Management
All CAPEC(s)
CAPEC-122 : Privilege Abuse
CAPEC-233 : Privilege Escalation
CAPEC-58 : Restful Privilege Elevation
CAPEC(s) with Mapped TTPs
CAPEC-122 : Privilege Abuse
Mapped TTPs:
T1548
: Abuse Elevation Control Mechanism
CAPEC-233 : Privilege Escalation
Mapped TTPs:
T1548
: Abuse Elevation Control Mechanism
Mapped ATT&CK TTPs
T1548
: Abuse Elevation Control Mechanism
Kill Chain: privilege-escalation
T1548
: Abuse Elevation Control Mechanism
Kill Chain: privilege-escalation
Malware
APTs Threat Group Associations
Campaigns
Affected Products
cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me