Ilevia EVE X1 Server Privilege Escalation Vulnerability

Vulnerability

A vulnerability allowing unauthorized privilege escalation to root has been identified in Ilevia EVE X1 Server firmware versions through 4.7.18.0.eden. This issue arises from an execution with unnecessary privileges in the sync_project.sh script. Ilevia has chosen not to address this vulnerability and advises customers to avoid exposing port 8080 to the internet.

Impact

Exploitation of this vulnerability allows an attacker to gain root privileges on the affected server.

Added: Oct 16, 2025, 6:30 PM

Updated: Oct 16, 2025, 6:30 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ilevia EVE X1 Server Privilege Escalation Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating