CVE-2020-8903— Priviged Escalation in Google Cloud Platform's Guest-OSLogin
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-8903
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Priviged Escalation in Google Cloud Platform's Guest-OSLogin
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from the systemd journal. Using the DHCP XID, it is then possible to set the IP address and hostname of the instance to any value, which is then stored in /etc/hosts. An attacker can then point metadata.google.internal to an arbitrary IP address and impersonate the GCE metadata server which make it is possible to instruct the OS Login PAM module to grant administrative privileges. All images created after 2020-May-07 (20200507) are fixed, and if you cannot update, we recommend you edit /etc/group/security.conf and remove the "adm" user from the OS Login entry.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
缺省权限不正确
Source: NVD (National Vulnerability Database)
Vulnerability Title
Google Cloud Platform guest-oslogin 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Google Cloud Platform是美国谷歌(Google)公司的一款能够提供云计算、数据存储、数据分析及机器学习等服务的云计算平台。 Google Cloud Platform中的guest-oslogin 20190304版本至20200507之前版本中存在安全漏洞。攻击者可利用该漏洞将权限提升至root。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Google LLC | guest-oslogin | 20190304 ~ 20200507 | - |
II. Public POCs for CVE-2020-8903
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-8903
请登录查看更多情报信息。
- https://cloud.google.com/support/bulletins/#gcp-2020-008x_refsource_MISC
- https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29x_refsource_CONFIRM
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00037.htmlvendor-advisoryx_refsource_SUSE
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00047.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2020-8903
Same Patch Batch · Google LLC · 2020-06-22 · 3 CVEs total
| CVE-2020-8907 | Priviged Escalation in Google Cloud Platform's Guest-OSLogin | |
| CVE-2020-8933 | Priviged Escalation in Google Cloud Platform's Guest-OSLogin |
IV. Related Vulnerabilities
Same vendor: Google LLC
- CVE-2022-3095
Incorrect parsing of the backslash characters in Dart librar - CVE-2022-3474
Bazel leaks user credentials through the remote assets API - CVE-2022-3421
Privilege escalation in Google Drive for Desktop on MacOS - CVE-2022-3171
Memory handling vulnerability in ProtocolBuffers Java core a - CVE-2022-1941
Out of Memory issue in ProtocolBuffers for cpp and python
Same weakness: CWE-276
- CVE-2026-0539
Local Privilege Escalation in pcvisit service client - CVE-2026-6823
HKUDS OpenHarness Insecure Default Remote Channel Allowlist - CVE-2026-6819
HKUDS OpenHarness Plugin Management Command Exposure - CVE-2026-39454
SKYSEA Client View 安全漏洞 - CVE-2026-30811
Missing Authorization in Configuration Ajax Endpoint leads t
V. Comments for CVE-2020-8903
No comments yet