CVE-2017-6516

Name: CVE-2017-6516
Creator: NVD / NIST
Published: 2017-03-14T17:59:00.23+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.29%

Last modified Jun 17, 2026

CVE-2017-6516 is a vulnerability of currently unknown severity. A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. EPSS estimates a 5.29% chance of exploitation in the next 30 days.

Description

A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This access could be exploited by a local attacker to gain a root shell prompt using the right combination of environment variables and command line arguments.

Metrics

EPSS Probability

5.29%

91.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Magnicomp	Sysinfo	<= 10-h62

References

http://www.magnicomp.com/support/cve/CVE-2017-6516.shtmlThird Party Advisory
http://www.securityfocus.com/bid/96934Third Party Advisory, VDB Entry
https://labs.mwrinfosecurity.com/advisories/magnicomps-sysinfo-root-setuid-local-privilege-escalation-vulnerability/Third Party Advisory
https://labs.mwrinfosecurity.com/advisories/multiple-vulnerabilities-in-magnicomps-sysinfo-root-setuid/Third Party Advisory
https://www.exploit-db.com/exploits/44150/
http://www.magnicomp.com/support/cve/CVE-2017-6516.shtmlThird Party Advisory
http://www.securityfocus.com/bid/96934Third Party Advisory, VDB Entry
https://labs.mwrinfosecurity.com/advisories/magnicomps-sysinfo-root-setuid-local-privilege-escalation-vulnerability/Third Party Advisory
https://labs.mwrinfosecurity.com/advisories/multiple-vulnerabilities-in-magnicomps-sysinfo-root-setuid/Third Party Advisory
https://www.exploit-db.com/exploits/44150/

Timeline

Published: Mar 14, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-6516?

How severe is CVE-2017-6516?

Severity scoring for CVE-2017-6516 is pending analysis. The EPSS model estimates a 5.29% probability of exploitation in the next 30 days.

How do I fix CVE-2017-6516?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-6516?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST