## https://sploitus.com/exploit?id=593D695F-5691-5D05-B5AF-3AED23364FB0
# CVE-2025-6019-udisks-lpe-no-image
Script-only privilege escalation chain using CVE-2025-6019 and UDisks2 (no filesystem image included).
# Credits, Context & Exploit Chain
This repository does not introduce a new vulnerability.
The privilege-escalation technique implemented here is fully based on previously published research.
I could not find an existing script that operates without on-target image creation, which motivated the creation of this automation script.
# Original Research & Advisory
The root cause analysis, exploitation workflow, and mitigation guidance were researched and disclosed by the original CVE authors:
๐ https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
All credit goes to the original researchers for the discovery and responsible disclosure.
Exploit Chain Overview
**This script is not a standalone exploit and must be used as part of a chained attack path.**
# Required Exploitation Flow
**CVE-2025-6018 must be exploited first**
This step is required to obtain the correct execution context and D-Bus permissions.
This repository does not provide an exploit for CVE-2025-6018.
After successful exploitation of CVE-2025-6018, the attacker gains the ability to interact with:
org.freedesktop.login1
org.freedesktop.UDisks2
A crafted sequence of gdbus and udisks operations is then used to trigger a logic flaw,
resulting in a privileged filesystem operation.
This ultimately leads to the creation of a SUID-privileged shell, allowing escalation to root.
# Filesystem Image Requirement
This PoC is specifically adapted for systems where mkfs.xfs is NOT available on the target.
Instead of creating a filesystem dynamically, it relies on a pre-existing XFS image.
The image creation process and recommended workflow are documented in the original advisory and must be followed exactly:
๐ https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
**The image must be prepared separetly before running this script and is considered part of the overall exploit chain.**
Assumptions & Scope
Target system is a vulnerable SUSE / openSUSE-based environment
**CVE-2025-6018 has already been successfully exploited**
Required D-Bus services are available and reachable
This script focuses on reliability and clarity, not stealth or evas