PT-2026-56729 · Nozomi Networks · Cmc+1

Published

2026-07-09

·

Updated

2026-07-09

·

CVE-2026-33390

CVSS v3.1

8.1

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration, and/or affecting its availability.

Fix

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-33390

Affected Products

Cmc
Guardian