### [CVE-2024-11584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11584)
![](https://img.shields.io/static/v1?label=Product&message=cloud-init&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=21.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds