PT-2026-2403 · Cyclades · Cyclades Serial Console Server
Published
2026-01-13
·
Updated
2026-01-14
·
CVE-2022-50927
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cyclades Serial Console Server version 3.3.0
Description
The Cyclades Serial Console Server version 3.3.0 has a local privilege escalation issue. This is due to overly permissive sudo privileges granted to the admin user and the admin group. An attacker can exploit the default user configuration to obtain root access by manipulating system binaries and leveraging unrestricted sudo permissions.
Recommendations
Apply necessary restrictions to the sudo privileges for the admin user and admin group.
Exploit
Fix
LPE
Incorrect Privilege Assignment
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cyclades Serial Console Server