CNNVD-202511-079 Information

CNNVD ID

CNNVD-202511-079

Related CVE

CVE-2025-60892

• CNNVD Published: 2025-11-03

Description (Chinese)

Raspberry Pi Imager是Raspberry Pi开源的一款工具软件。 Raspberry Pi Imager 1.9.6版本存在安全漏洞，该漏洞源于公钥认证设置错误地将本地id_rsa.pub密钥重新添加到Raspberry Pi的authorized_keys文件中，可能导致攻击者使用非预期密钥登录设备。

Description (English)

Raspberry Pi Imager is an open-source tool for Raspberry Pi. There is a security loophole in the Raspberry Pi Imager 1.9.6 version, which stems from the incorrect re-adding of the local id rsa.pub key by the public key authentication settings to the authorized keys file of Raspberry Pi, which may result in the aggressor using an unexpected key to log in the device.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Raspberry Pi

Published

2025-11-03

Last Modified

2026-02-24

References

https://github.com/raspberrypi/rpi-imager/issues/1185 https://access.redhat.com/security/cve/cve-2025-60892