Privilege Escalation in Checkmk by Tribe29
CVE-2026-14852

5.2MEDIUM

Key Information:

Status
Vendor
CVE Published:
14 July 2026

What is CVE-2026-14852?

A vulnerability in Checkmk versions prior to 2.5.0p9, 2.4.0p34, and 2.3.0p49 enables local unprivileged users to escalate their privileges to root. This exploitation occurs when the mk_sap_hana agent plugin runs as root and misconfigures database instance identifiers from the process list. If a user crafts a process to mimic an SAP HANA instance, they can execute arbitrary commands with elevated privileges, as the system mistakenly trusts the derived identifiers.

Affected Version(s)

Checkmk 2.5.0 < 2.5.0p9

Checkmk 2.4.0 < 2.4.0p34

Checkmk 2.3.0 < 2.3.0p49

References

CVSS V4

Score:
5.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.