Incorrect Permission in BOSH-Ecosystem BOSH-Windows-Stemcell-Builder by Cloud Foundry
CVE-2026-47830

8.5HIGH

What is CVE-2026-47830?

An incorrect permission assignment in BOSH.Utils.psm1 within the BOSH-Ecosystem’s bosh-windows-stemcell-builder component permits low-privilege authenticated users to overwrite critical executables, such as C:\bosh\service_wrapper.exe or C:\bosh\bosh-agent.exe. This flaw can be exploited to escalate privileges to NT AUTHORITY\SYSTEM upon the next service restart or reboot, potentially granting full control over the host. This security gap primarily affects versions prior to v2019.98.

Affected Version(s)

bosh-windows-stemcell-builder 0 < 2019.98

References

CVSS V4

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

CVSS V3.0

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.