CVE-2026-34354

Name of the Vulnerable Software and Affected Versions Akamai Guardicore Platform Agent versions 7.0 through 7.3.1 Akamai Zero Trust Client versions 6.0 through 6.1.5 Akamai Guardicore Platform Agent (affected versions not specified)

Description Local privilege escalation is possible on Linux and macOS due to a Time-of-Check to Time-of-Use (TOCTOU) flaw. The GPA service creates an IPC socket in the world-writable /tmp directory and accepts unauthenticated IPC control messages. This allows an unprivileged local user to exploit the HandleSaveLogs() function by creating a log file and manipulating it into a symlink pointing to a targeted path, making arbitrary root-owned files world-writable. Additionally, the gimmelogs diagnostic collection tool, running with root privileges, is susceptible to command injection via the dbstore. On Windows, gimmelogs allows writing a ZIP archive to an unintended location.

Recommendations For Akamai Guardicore Platform Agent versions 7.0 through 7.3.1, update to a version later than 7.3.1. For Akamai Zero Trust Client versions 6.0 through 6.1.5, update to a version later than 6.1.5. As a temporary mitigation, restrict access to the /tmp directory or the gimmelogs tool to minimize the risk of exploitation.