216.73.216.170

CVE-2024-13090

· Published 10/06/2025 11:15 · Modified 10/06/2025 11:15

Labels: CVE-2024-13090 2025-06-10CVE-2024-13090CWE-250[email protected]

Essential information

Published
10/06/2025 11:15
Modified
10/06/2025 11:15
Author
Creator
CVSS
7.3 HIGH (v3) 7.3 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. It is important to note that no such vector has been identified in this instance.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
nozomi networks / nozomi service account cpe:2.3:a:nozomi_networks:nozomi_service_account:*:*:*:*:*:*:*:*
sudo / sudo cpe:2.3:a:sudo:sudo:*:*:*:*:*:*:*:*

References