Impact
The vulnerability stems from insufficient validation of user-supplied commands in the vmadmin command‑line interface of Cisco Umbrella Virtual Appliance. An authenticated attacker who can run commands as vmadmin can exploit the flaw to elevate privileges to root, thereby gaining full control over the device. This is a local privilege escalation weakness (CWE‑269).
Affected Systems
Cisco Umbrella Insights Virtual Appliance is the affected product. No specific affected versions are listed in the advisory.
Risk and Exploitability
The CVSS assessment gives a moderate severity of 6.0, while the EPSS score of less than 1% indicates a low probability of exploitation at present. The vulnerability is not listed in CISA’s KEV catalog. Exploitation requires local access and valid vmadmin credentials; it cannot be triggered remotely. Given the lack of publicly known exploits, the immediate threat remains low, but the potential impact of reaching root warrants timely remediation.
OpenCVE Enrichment