The SSH service in Cellopoint's CelloOS includes an improper access control flaw that allows authenticated remote attackers to circumvent the command restrictions enforced by the system. This vulnerability, classified as CWE‑1284, means that a user who has successfully authenticated can execute arbitrary operating‑system commands beyond those originally authorized. The result is full remote code execution, giving an attacker complete control over the affected machine, compromising confidentiality, integrity, and availability.

Cellopoint’s CelloOS platform is affected. The vulnerability applies to all installations of this OS that rely on the built‑in SSH service, regardless of version, as no specific version range is noted. Systems that are connected to the vendor’s update service should receive the remediation that was released on 2026‑03‑18. Offline, isolated, or otherwise disconnected systems must be manually updated to a fixed release from the vendor.

The vulnerability carries a CVSS score of 8.7, indicating high severity. EPSS data is not available, but the absence of a KEV listing suggests limited evidence of active exploitation. The flaw requires authentication over SSH, so an attacker must first obtain valid user credentials or exploit a separate credential issue. Once authenticated, the attacker can bypass command restrictions and run any OS command, a direct path to compromise the host. The risk is high for environments where the SSH service is exposed externally or where privileged accounts have broad shell access.