
FreeBSD: VID-f0683976-5779-11ea-8a77-1c872ccb1e42 (CVE-2020-8794): OpenSMTPd -- LPE and RCE in OpenSMTPD's default install

Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: Feb 24, 2020
Added: Dec 10, 2025
Modified: Dec 10, 2025

Description

OpenSMTPD developers report: An out-of-bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smtpctl allows arbitrary commands to be run with the _smtpq group. An unprivileged local attacker can read the first line of an arbitrary file (for example, root's password hash in /etc/master.passwd) or the entire contents of another user's file (if this file and /var/spool/smtpd/ are on the same filesystem).

Solution

freebsd-upgrade-package-opensmtpd