CVE-2020-27777
CVE-2020-27777
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
15 Dec 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.
Affected products
n/a · kernelWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →