MAAS Improper Input Validation Vulnerability in Websocket User Handler Allows Unauthorized Privilege Escalation

Vulnerability

An improper input validation vulnerability has been identified in the user websocket handler of MAAS. An authenticated, unprivileged attacker can intercept websocket requests that update a user and inject the is_superuser property, setting it to true. Because the server does not properly validate this input, the attacker can elevate their privileges to an administrator role, gaining full administrative control over the MAAS deployment.
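The flaw described above is a mass-assignment pattern: a user-update handler copies every field from the client message onto the account record, so a privileged field such as is_superuser is honoured just because it appears in the request. The following is an added example, not MAAS's own code, that shows a minimal websocket "user.update" handler written both ways: the vulnerable form that applies whatever the client sends, and a hardened form that enforces a field allowlist and decides whether is_superuser may change from the caller's server-side role rather than from the message. The User dataclass, the message layout, the handler names and the "ordinary users may edit only their own email" policy are all assumptions made for illustration.

```python
"""
Added example (not MAAS's own code): a user-update websocket handler in
its mass-assignment (vulnerable) form beside a hardened form.
All names and the message format are assumptions for illustration.
"""
import json
from dataclasses import dataclass


@dataclass
class User:
    username: str
    email: str = ""
    is_superuser: bool = False


# Assumed policy: what an ordinary user may change on their own account.
SELF_EDITABLE_FIELDS = {"email"}
# Assumed policy: fields only an administrator may change on any account.
ADMIN_ONLY_FIELDS = {"is_superuser", "username"}

# Constructed websocket message: a self-update that smuggles in is_superuser.
INJECTED_MESSAGE = json.dumps({
    "method": "user.update",
    "params": {"email": "alice@example.invalid", "is_superuser": True},
})


class PermissionDenied(Exception):
    """Raised when a caller asks to change a field it is not allowed to."""


def handle_update_vulnerable(actor: User, target: User, params: dict) -> User:
    """Vulnerable pattern: every key in the client message is applied,
    so a client that adds is_superuser becomes an administrator."""
    for key, value in params.items():
        setattr(target, key, value)
    return target


def handle_update_hardened(actor: User, target: User, params: dict) -> User:
    """Hardened pattern: build the allowed field set from the actor's
    *server-side* role, then reject any field outside it."""
    allowed = set(SELF_EDITABLE_FIELDS)
    if actor.is_superuser:
        allowed |= ADMIN_ONLY_FIELDS
    elif actor.username != target.username:
        raise PermissionDenied("non-admin may only edit own account")
    unexpected = set(params) - allowed
    if unexpected:
        # Reject instead of silently dropping: a denied request is a
        # visible, loggable signal of someone probing the handler.
        raise PermissionDenied(f"fields not permitted: {sorted(unexpected)}")
    for key in allowed & set(params):
        setattr(target, key, params[key])
    return target


def dispatch(handler, actor: User, target: User, raw_message: str) -> User:
    """Parse a {"method": "user.update", "params": {...}} message and
    route it to the given handler."""
    msg = json.loads(raw_message)
    if msg.get("method") != "user.update":
        raise ValueError("unsupported method")
    params = msg.get("params")
    if not isinstance(params, dict):
        raise ValueError("params must be an object")
    return handler(actor, target, params)


def update_or_deny(handler, actor: User, target: User, raw_message: str):
    """Convenience wrapper returning (user, None) on success or
    (None, reason) when the handler refuses the update."""
    try:
        return dispatch(handler, actor, target, raw_message), None
    except PermissionDenied as exc:
        return None, str(exc)


if __name__ == "__main__":
    # Unprivileged alice updates her own account with the injected message.
    u, err = update_or_deny(handle_update_vulnerable, User("alice"), User("alice"), INJECTED_MESSAGE)
    print("vulnerable handler -> is_superuser =", u.is_superuser)
    u, err = update_or_deny(handle_update_hardened, User("alice"), User("alice"), INJECTED_MESSAGE)
    print("hardened handler   ->", err)
```

The fix is not to strip is_superuser from the message but to never let the client's message decide what fields are writable: the hardened handler derives the allowlist from the actor's stored role, refuses the whole update when an out-of-policy field is present, and thereby turns an attempted privilege escalation into a denied request that can be logged and alerted on.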

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling an attacker to gain full administrative rights within the MAAS environment.

Added: Dec 3, 2025, 4:17 PM
Updated: Dec 3, 2025, 4:17 PM

Vulnerability Rating

Custom Algorithm

spread:         2.6
impact:         7.5
exploitability: 4.5
remediation:    0.0
relevance:      1.3
threat:         0.0
urgency:        2.9
incentive:      1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.