fc-stable-diffusion-plus Insecure Permissions Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability exists in fc-stable-diffusion-plus versions through 1.0.18, where insecure permissions in the execution role allow attackers to escalate privileges. This could lead to unauthorized access to temporary security credentials of execution roles, enabling further actions such as compromising the customer's cloud account.

Impact

Exploitation of this vulnerability could directly compromise all functions in Alibaba Function Compute, allowing attackers to steal temporary security credentials of execution roles and potentially take over the customer's cloud account.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

fc-stable-diffusion-plus Insecure Permissions Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating