PT-2026-49245 · Fortra · Ca Privileged Access Manager
Published
2026-06-15
·
Updated
2026-06-15
·
CVE-2026-9862
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Fortra's
Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ca Privileged Access Manager