Nagios XI Local Privilege Escalation Vulnerability Allowing Arbitrary Code Execution as Root

Vulnerability

A local privilege escalation vulnerability has been identified in Nagios XI versions prior to 2026R1.1. This issue arises from an unsafe interaction between sudo permissions and application file permissions, allowing a local attacker with access to the application account to execute a user-accessible maintenance script as root via sudo. The script includes an application file that can be modified by a lower-privileged user. By introducing malicious code into this file, the attacker can achieve arbitrary code execution with elevated privileges when the script is executed.
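As an added illustration, not Nagios code and using a constructed fixture rather than any Nagios path, the following POSIX shell audit lists the files a sudo-runnable script sources and flags any writable by group or others, which is the condition this advisory describes; the names audit_script, make_fixture, maint.sh and settings.inc are assumptions.

```shell
#!/bin/sh
# Added audit helper (not part of Nagios XI): given a script that root may run
# via sudo, list the files it pulls in with ". path" or "source path" and flag
# those that a lower-privileged user could edit. Assumes POSIX sh plus ls, grep,
# awk, tr, mktemp and chmod.

# Print the paths a shell script includes. Relative paths and "./" paths are
# resolved against the script's own directory so they can be stat'ed.
included_files() {
    dir=$(dirname "$1")
    grep -E '^[[:space:]]*(\.|source)[[:space:]]+' "$1" \
        | awk '{print $2}' | tr -d "\"'" \
        | while read -r p; do
            case "$p" in
                /*)  echo "$p" ;;
                ./*) echo "$dir/${p#./}" ;;
                *)   echo "$dir/$p" ;;
            esac
          done
}

# Exit 0 when the group or other write bit is set (columns 6 and 9 of ls -l).
writable_by_others() {
    mode=$(ls -ld "$1" | cut -c1-10)
    [ "$(echo "$mode" | cut -c6)" = w ] || [ "$(echo "$mode" | cut -c9)" = w ]
}

# Report "WRITABLE <path>" for each include a lower-privileged user could edit
# and "MISSING <path>" for includes that do not exist yet (worth reviewing too:
# if the directory is writable, the file can be created by someone else).
# Always returns 0; the caller inspects the output.
audit_script() {
    included_files "$1" | while read -r f; do
        if [ ! -e "$f" ]; then echo "MISSING $f"
        elif writable_by_others "$f"; then echo "WRITABLE $f"
        fi
    done
}

# Constructed fixture: a root-run maintenance script that includes a settings
# file which has been left world-writable (mode 666).
make_fixture() {
    d=$(mktemp -d)
    printf '#!/bin/sh\n. ./settings.inc\necho "retention: $RETENTION_DAYS"\n' > "$d/maint.sh"
    echo 'RETENTION_DAYS=30' > "$d/settings.inc"
    chmod 666 "$d/settings.inc"
    echo "$d"
}

fixture=$(make_fixture)
audit_script "$fixture/maint.sh"   # prints: WRITABLE <tmpdir>/settings.inc
chmod 644 "$fixture/settings.inc"  # remediation: only root edits what root includes
audit_script "$fixture/maint.sh"   # prints nothing
```

In a real deployment, run audit_script over every command path granted to the application account in sudoers to verify the fix in 2026R1.1 is in place.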

Impact

Exploitation of this vulnerability allows for arbitrary code execution as the root user.

Remediation

Users are advised to update Nagios XI to version 2026R1.1 or later.

Added: Dec 16, 2025, 11:16 PM
Updated: Dec 16, 2025, 11:16 PM

Vulnerability Rating

Custom Algorithm

spread: 5.0
impact: 10.0
exploitability: 3.4
remediation: 7.7
relevance: 1.5
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.