CVE-2025-70342 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

erase-install prior to v40.4 commit 2c31239 writes swiftDialog credential output to a hardcoded path /var/tmp/dialog.json. This allows an unauthenticated attack…
Medium CVSS: 6.6

CVE-2025-70342

erase-install prior to v40.4 commit 2c31239 writes swiftDialog credential output to a hardcoded path /var/tmp/dialog.json. This allows an unauthenticated attacker to intercept admin credentials entered during reinstall/erase operations via creating a named pipe.
Vendor
Grahampugh
Product
Erase-install
CWE
CWE-732
Yayın Tarihi
2026-03-04 15:16:12
Güncelleme
2026-03-09 17:41:57
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-732 Erase-install MEDIUM Grahampugh 2026

Referanslar

https://github.com/grahampugh/erase-install/commit/2c31239fb8519d87577514b3db9ddb0771232a21 https://github.com/grahampugh/erase-install/pull/574 https://github.com/malvector/CVE-2025-70342