ГлавнаяУязвимости → CVE-2026-9862
9.8критическая

CVE-2026-9862

Описание

Fortra's  Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.

Затрагиваемое ПО
Forta Core privileged access manager
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.fortra.com/security/advisories/product-security/fi-2026-007