Cyber Resilience

CVE-2020-8655

HighCISA KEVActive ExploitationEUVD ExploitedPublic PoCLPE

Published: 07 February 2020

Published
07 February 2020
Modified
10 November 2025
KEV Added
03 November 2021
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.8787 99.5th percentile
Risk Priority 88 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2020-8655 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Eyesofnetwork Eyesofnetwork. Its CVSS base score is 7.8 (High).

Operationally, ranked in the top 0.5% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

EyesOfNetwork 5.3 is affected by a privilege escalation vulnerability stemming from its sudoers configuration. The flaw allows the apache user to execute arbitrary commands as root by supplying a crafted NSE script to nmap 7, corresponding to CWE-269 improper privilege management.

An attacker able to influence or control actions performed by the apache user can exploit the misconfiguration to run commands with full root privileges. The vulnerability is rated 7.8 under CVSS 3.1 with an AV:L/AC:L/PR:N/UI:R vector, indicating local access requirements but high impact on confidentiality, integrity, and availability.

Publicly available exploit material on PacketStorm Security demonstrates remote code execution and command execution through the AutoDiscovery target feature, with additional context provided in the EyesOfNetworkCommunity eonconf GitHub issue tracker. No official patch or mitigation details are referenced in the available sources.

EU & UK References

Vulnerability details

An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7.

CWE(s)
KEV Date Added
03 November 2021

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

eyesofnetwork
eyesofnetwork
5.3-0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly counters the CWE-269 improper privilege management by restricting the apache user to only the minimal privileges required, eliminating the ability to invoke nmap with arbitrary NSE scripts as root.

prevent

Enforces the intended access control policy expressed in sudoers so that the apache account cannot execute commands with root privileges via the crafted nmap invocation.

prevent

Requires secure, documented configuration settings for sudoers and related binaries, preventing the overly permissive nmap execution rule that enables the privilege escalation.

References