← Back to CVEs
CVE-2024-13090
HIGH7.0
Description
A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. It is important to note that no such vector has been identified in this instance.
CVE Details
CVSS v3.1 Score7.0
SeverityHIGH
CVSS VectorCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityHIGH
Privileges RequiredLOW
User InteractionNONE
Published6/10/2025
Last Modified6/12/2025
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-250
References
https://security.nozominetworks.com/NN-2025:2-01(prodsec@nozominetworks.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.