CVE-2025-39666

216.73.217.22

· Published 07/04/2026 13:16 · Modified 07/04/2026 13:20

Labels: CVE-2025-39666 2026-04-07 CVE-2025-39666 CWE-426 [email protected]

Essential information

Published: 07/04/2026 13:16
Modified: 07/04/2026 13:20
Author: —
Creator: —
CVSS: 9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Local privilege escalation in Checkmk 2.2.0 (EOL), Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 before 2.4.0p25, and Checkmk 2.5.0 (beta) before 2.5.0b3 allows a site user to escalate their privileges to root, by manipulating files in the site context that are processed when the `omd` administrative command is run by root.

NVD status

Status: Undergoing Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
checkmk / checkmk	`cpe:2.3:a:checkmk:checkmk:2.2.0:::::::*`
checkmk / checkmk	`cpe:2.3:a:checkmk:checkmk:<2.3.0p46:::::::*`
checkmk / checkmk	`cpe:2.3:a:checkmk:checkmk:<2.4.0p25:::::::*`
checkmk / checkmk	`cpe:2.3:a:checkmk:checkmk:<2.5.0b3:::::::*`