Terminalfour
cpe:2.3:a:terminalfour:terminalfour:*:*:*:*:*:*:*
Affected versions: >= 8, <= 8.4.1.1
A vulnerability in Terminalfour versions 8.0 through 8.4.1.1 allows Power Users to bypass server-side authorization checks in the user management function. By exploiting it, they can assign the Administrator role to lower-privileged accounts or escalate the privileges of newly invited lower-privileged accounts. Power Users can also change the target account's password, gaining full control over the account.
Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling lower-privileged users to gain administrative rights and control over other accounts.
Users are advised to update to Terminalfour version 8.4.1.2, where this vulnerability has been fixed.