CVE-2025-14282
AI description
CVE-2025-14282 refers to a vulnerability in the Dropbear SSH server that can lead to privilege escalation. The vulnerability stems from incorrect permission handling within Dropbear. Specifically, when processing TCP or Unix domain socket forwardings requested by an authenticated SSH client, Dropbear executes the forwarding operations as root, and only switches to the logged-in user's UID/GID after establishing the session shell. A security update has been issued by Debian to address this vulnerability in its stable distribution (trixie). The issue is fixed in Dropbear version 2025.89-1~deb13u1. It was discovered by Turistu.
Hype score: 17
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.