PT-2026-30812 · Checkmk Gmbh · Checkmk
Published
2026-04-07
·
Updated
2026-04-07
·
CVE-2025-39666
CVSS v4.0
9.3
Critical
| AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H |
Local privilege escalation in Checkmk 2.2.0 (EOL), Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 before 2.4.0p25, and Checkmk 2.5.0 (beta) before 2.5.0b3 allows a site user to escalate their privileges to root, by manipulating files in the site context that are processed when the
omd administrative command is run by root.Fix
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Checkmk