CVE-2025-26397 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileg…
High CVSS: 7.8

CVE-2025-26397

SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication from a low-level account and local access to the host server.
Vendor
Solarwinds
Product
Observability Self-hosted
CWE
CWE-502
Yayın Tarihi
2025-07-24 08:15:30
Güncelleme
2025-11-12 19:17:37
Source Identifier
psirt@solarwinds.com
KEV Date Added
-

Kategoriler

CWE-502 Observability Self-hosted HIGH Solarwinds 2025

Referanslar

https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2025-2-1_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26397