CVE-2025-46802
6
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
Summary
For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Micro 5.3 | ? < 4.6.2-150000.5.8.1 | affected |
| SUSE | SUSE Linux Enterprise Micro 5.4 | ? < 4.6.2-150000.5.8.1 | affected |
| SUSE | SUSE Linux Enterprise Micro 5.5 | ? < 4.6.2-150000.5.8.1 | affected |
| SUSE | SUSE Linux Enterprise Module for Basesystem 15 SP6 | ? < 4.6.2-150000.5.8.1 | affected |
| SUSE | SUSE Linux Enterprise Server 15 SP6 | ? < 4.6.2-150000.5.8.1 | affected |
| SUSE | SUSE Linux Enterprise Desktop 15 SP6 | ? < 4.6.2-150000.5.8.1 | affected |
| SUSE | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ? < 4.6.2-150000.5.8.1 | affected |
| SUSE | SUSE Linux Enterprise High Performance Computing 15 SP6 | ? < 4.6.2-150000.5.8.1 | affected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
Additional References
References
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46802
- https://www.openwall.com/lists/oss-security/2025/05/12/1
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.