Impact
The vulnerability stems from passing unsanitized strings from DHCP replies directly to the wicked dhcp client. It enables arbitrary code execution on the local host, effectively giving an attacker remote command execution capabilities. This weakness involves both operating system command injection (CWE‑78) and improper control of generation of code (CWE‑94).
Affected Systems
Vendor SUSE offers the wicked daemon. Any instance of wicked prior to version 0.6.79 is affected. Users running versions before the 0.6.79 release must update.
Risk and Exploitability
The CVSS score of 8.8 indicates high severity. The EPSS score of less than 1% suggests exploitation is considered unlikely at present, but the vulnerability can be exploited over the network by an attacker controlling a DHCP server and is not listed in CISA KEV. The attack path involves a malicious DHCP server supplying crafted options that are executed by the local wicked client.
OpenCVE Enrichment