CVE-2025-34288

16.12.2025, 23:15

Nagios XI versions prior to 2026R1.1 arevulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A useraccessible maintenance script may be executed as root via sudo and includes an application file that is writable by a lowerprivileged user. A local attacker with access to the application account can modify this file to introduce malicious code, which is then executed with elevated privileges when the script is run. Successful exploitation results in arbitrary code execution as the root user.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.7 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
VulnCheck	CNA	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 21%

Vendor	Product	Version
nagios	nagios_xi	𝑥 ≤ 2024

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-732 - Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Vulnerability Media Exposure

[GERMAN] Nagios Enterprises Nagios XI: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Administratorrechten
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Nagios Enterprises Nagios XI ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen.
Published: 2025-12-16T23:00:00+00:00

References

https://www.nagios.com/changelog/nagios-xi/2026r1-1/

https://www.vulncheck.com/advisories/nagios-xi-privilege-escalation-via-writable-php-include-executed-with-sudo