Privilege Escalation in Checkmk by Tribe29
CVE-2026-14852
5.2MEDIUM
What is CVE-2026-14852?
A vulnerability in Checkmk versions prior to 2.5.0p9, 2.4.0p34, and 2.3.0p49 enables local unprivileged users to escalate their privileges to root. This exploitation occurs when the mk_sap_hana agent plugin runs as root and misconfigures database instance identifiers from the process list. If a user crafts a process to mimic an SAP HANA instance, they can execute arbitrary commands with elevated privileges, as the system mistakenly trusts the derived identifiers.
Affected Version(s)
Checkmk 2.5.0 < 2.5.0p9
Checkmk 2.4.0 < 2.4.0p34
Checkmk 2.3.0 < 2.3.0p49
