Incorrect Default Permissions
CVE-2021-34395
Summary
Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user with local privileges, which might lead to limited information disclosure, a low risk of modifcations to data, and limited denial of service.
- LOW
- LOCAL
- LOW
- UNCHANGED
- NONE
- HIGH
- LOW
- LOW
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
References
Advisory Timeline
- Published