CVE-2018-20839

Name: CVE-2018-20839
Creator: NVD / NIST
Published: 2019-05-17T04:29:00.933+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.3/10EPSS 2.48%

Last modified Jun 17, 2026

CVE-2018-20839 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.. EPSS estimates a 2.48% chance of exploitation in the next 30 days.

Description

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Metrics

CVSS 3.1

4.3/10

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS Probability

2.48%

82.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Systemd Project	Systemd	242
Netapp	Cn1610 Firmware	All versions
Netapp	Snapprotect	All versions
Netapp	Solidfire \& Hci Management Node	All versions

References

http://www.securityfocus.com/bid/108389Broken Link, Third Party Advisory, VDB Entry
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993Issue Tracking, Third Party Advisory
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322fPatch
https://github.com/systemd/systemd/pull/12378Issue Tracking, Patch
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3EMailing List
https://security.netapp.com/advisory/ntap-20190530-0002/Third Party Advisory
http://www.securityfocus.com/bid/108389Broken Link, Third Party Advisory, VDB Entry
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993Issue Tracking, Third Party Advisory
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322fPatch
https://github.com/systemd/systemd/pull/12378Issue Tracking, Patch
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3EMailing List
https://security.netapp.com/advisory/ntap-20190530-0002/Third Party Advisory

Timeline

Published: May 17, 2019
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2018-20839?

How severe is CVE-2018-20839?

CVE-2018-20839 has a CVSS score of 4.3/10 (MEDIUM severity). The EPSS model estimates a 2.48% probability of exploitation in the next 30 days.

How do I fix CVE-2018-20839?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-20839?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST