AI description
CVE-2025-14282 refers to a vulnerability in the Dropbear SSH server that can lead to privilege escalation. The vulnerability stems from incorrect permission handling within Dropbear. Specifically, when processing TCP or Unix domain socket forwardings requested by an authenticated SSH client, Dropbear executes the forwarding operations as root, and only switches to the logged-in user's UID/GID after establishing the session shell. A security update has been issued by Debian to address this vulnerability in its stable distribution (trixie). The issue is fixed in Dropbear version 2025.89-1~deb13u1. It was discovered by Turistu.
- Description
- A flaw was found in Dropbear. When running in multi-user mode and authenticating users, the Dropbear SSH server performs the socket forwardings requested by the remote client as root, only switching to the logged-in user upon spawning a shell or performing some operations like reading the user's files. With the recent ability to also use Unix domain sockets as the forwarding destination, any user able to log in via SSH can connect to any Unix socket with root's credentials, bypassing both file system restrictions and any SO_PEERCRED / SO_PASSCRED checks performed by the peer.
- Source
- patrick@puiterwijk.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 5.4
- Impact score
- 2.5
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- patrick@puiterwijk.org
- CWE-266
CVE-2025-14282 A flaw was found in Dropbear. When running in multi-user mode and authenticating users, the dropbear ssh server does the socket forwardings requested by the remote cl… https://t.co/nrdCuFl6ri
@CVEnew
12 Feb 2026
oss-sec: [CVE-2025-14282] dropbear: privilege escalation via unix domain socket forwardings https://t.co/1WjWgLHpKM #cyber #threathunting #infosec
@blueteamsec1
21 Jan 2026
Technical deep dive: #Debian's DSA 6086-1 for Dropbear (CVE-2025-14282). This isn't just a patch alert. It's a case study in memory safety flaws in lightweight SSH daemons and a springboard for discussing. Read more: 👉 https://t.co/2sw1uVH7JP #Security https://t.co/69YUGj
@Cezar_H_Linux
29 Dec 2025
CVE-2025-14282: Dropbear: privilege escalation via unix domain socket forwardings https://t.co/rr7q2DNnsF User able to log in via ssh can connect to any unix socket as root, bypassing both filesystem restrictions and SO_PEERCRED checks. Could be used to get a root shell.
@oss_security
26 Dec 2025
#exploit 1⃣. CVE-2025-31200, CVE-2025-31201: https://t.co/l1YEKl5Wn9 iMessage Zero‑Click RCE Chain 2⃣. CVE-2025-14282: https://t.co/xhWFlsnWsq Dropbear - privilege escalation via Unix domain socket forwarding 3⃣. CVE-2025-66224: https://t.co/BFGbZnVKgE OrangeHRM RCE 4
@ksg93rd
21 Dec 2025