Sbabic · Swupdate · CVE-2025-41259
**Name of the Vulnerable Software and Affected Versions**
SWUpdate versions prior to 2026.05
**Description**
A time-of-check time-of-use (TOCTOU) race condition exists, which is a software bug where a system checks a condition (such as a security credential) and then uses the result of that check, but the condition changes between the check and the use. This allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update.
**Recommendations**
Update to version 2026.05.