CVE-2025-53513

Summary

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm.

Affected Software

VendorProductVersion RangeStatus
CanonicalJuju2.0.0 < 2.9.52affected
CanonicalJuju3.0.0 < 3.6.8affected

Weaknesses

  • CWE-24: CWE-24: Path Traversal: '../filedir'

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

Additional References

References