PT-2026-22927 · Unknown · Erase-Install
Published
2026-03-04
·
Updated
2026-03-04
·
CVE-2025-70342
CVSS v3.1
6.6
Medium
| Vector | AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
erase-install versions prior to v40.4 commit 2c31239
Description
The erase-install utility writes the output of swiftDialog credentials to a hardcoded path, specifically
/var/tmp/dialog.json. This allows an unauthenticated attacker to potentially intercept administrator credentials entered during reinstall or erase operations by creating a named pipe.Recommendations
Update to version 40.4 commit 2c31239 or later.
Exploit
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Erase-Install