{"vulnerability": "CVE-2020-25653", "sightings": [{"uuid": "68e4fcae-c330-40fe-a4a2-d7c662d1b472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25653", "type": "seen", "source": "https://t.me/cibsecurity/16860", "content": "\u203c CVE-2020-25653 \u203c\n\nA race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The highest threat from this vulnerability is to data confidentiality as well as system availability. This flaw affects spice-vdagent versions 0.20 and prior.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-26T07:48:26.000000Z"}]}