CVE-2025-54289
Privilege Escalation via WebSocket Connection Hijacking in LXD Operations API
In short
An attacker with basic read access to LXD can take over terminal sessions through WebSocket hijacking and run commands with higher privileges. This affects LXD versions before 6.5 and is a serious security risk for shared systems.
Technical detail
The operations API in LXD <6.5 fails to properly validate WebSocket connection ownership, allowing an authenticated attacker with read permissions to hijack active terminal/console sessions and execute arbitrary commands with elevated privileges. The vulnerability stems from insufficient access control on WebSocket connections, enabling lateral privilege escalation in multi-user environments.
Summary generated and translated by AI from the official description.
Privilege Escalation in operations API in Canonical LXD <6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
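The technical detail above comes down to one missing check: permission to read an operation record was treated as permission to attach to that operation's WebSocket. The following is an added illustration, not LXD code; the operation store, permission table and handler names are constructed here to model the weak pattern beside the hardened one, plus the version gate the advisory states.

```python
"""Constructed model of the authorisation gap described in this advisory.
Not LXD code: Operation, PERMS and the attach_* handlers are assumptions."""
from dataclasses import dataclass, field


class PermissionDenied(Exception):
    pass


@dataclass
class Operation:
    op_id: str
    owner: str                      # identity that started the exec/console
    attached: list = field(default_factory=list)


# constructed permission table: bob holds read access only
PERMS = {"alice": {"read", "exec"}, "bob": {"read"}}


def can_read(user: str) -> bool:
    return "read" in PERMS.get(user, set())


def attach_weak(ops: dict, op_id: str, user: str) -> Operation:
    """Weak pattern: any caller who may read the operation may join its
    WebSocket, so a read-only user can attach to another user's session."""
    op = ops[op_id]
    if not can_read(user):
        raise PermissionDenied(f"{user}: no read access")
    op.attached.append(user)
    return op


def attach_strict(ops: dict, op_id: str, user: str) -> Operation:
    """Hardened pattern: reading the record and joining the terminal are
    different privileges; the caller must own the operation."""
    op = ops[op_id]
    if not can_read(user):
        raise PermissionDenied(f"{user}: no read access")
    if user != op.owner:
        # a reader probing someone else's session: deny and log it
        raise PermissionDenied(f"{user} does not own {op_id}")
    op.attached.append(user)
    return op


def is_affected(version: str) -> bool:
    """Version gate from the advisory: every release before 6.5 is affected."""
    major, minor = (int(p) for p in version.split(".")[:2])
    return (major, minor) < (6, 5)


def demo() -> tuple:
    """bob joins alice's session under the weak check, is refused under the strict one."""
    ops = {"op-1": Operation("op-1", owner="alice")}
    weak = attach_weak(ops, "op-1", "bob").attached.copy()
    try:
        attach_strict(ops, "op-1", "bob")
        strict_allowed = True
    except PermissionDenied:
        strict_allowed = False
    return weak, strict_allowed
```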
Affected products
Canonical · LXD