Seatd · Seatd · CVE-2022-25643
**Name of the Vulnerable Software and Affected Versions**
seatd versions 0.6.x through 0.6.3
**Description**
The issue allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname.
**Recommendations**
For seatd versions 0.6.x through 0.6.3, update to version 0.6.4 or later to resolve the issue. As a temporary workaround, consider removing the setuid root installation to minimize the risk of exploitation. Restrict access to the seatd-launch component to prevent unauthorized file removal until the issue is resolved.