Description
ThreatSonar Anti-Ransomware developed by TeamT5 has an Privilege Escalation vulnerability. Authenticated remote attackers with shell access can inject OS commands and execute them with root privileges.
Published: 2026-04-20
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Patch Now
AI Analysis

Impact

The vulnerability allows an attacker who already has authenticated remote shell access to inject operating system commands. Once injected, these commands run with root privileges, giving the attacker full control over the host. The weakness is a classic operating system command injection and is classified under CWE-78.

Affected Systems

TeamT5 ThreatSonar Anti‑Ransomware is the affected product. No specific version range is provided in the available data, so all installations of this software that do not include the hotpatch remain at risk.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity. No EPSS value is published, so the likelihood of exploitation cannot be quantified from the data. The vulnerability is not listed in the CISA KEV catalog. An attacker needs authenticated remote shell access; if achieved, the elevation of privileges is straightforward and the impact is system‑wide takeover.

Generated by OpenCVE AI on April 20, 2026 at 09:22 UTC.

Remediation

Vendor Solution

Please install hotpatch version 20260302.

OpenCVE Recommended Actions

  • Install hotpatch version 20260302
  • Limit remote shell access to trusted users and enforce the principle of least privilege
  • Regularly audit and monitor privileged command execution

Generated by OpenCVE AI on April 20, 2026 at 09:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 20 Apr 2026 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Teamt5
Teamt5 threatsonar Anti-ransomware
Vendors & Products Teamt5
Teamt5 threatsonar Anti-ransomware

Mon, 20 Apr 2026 08:45:00 +0000

Type Values Removed Values Added
Description ThreatSonar Anti-Ransomware developed by TeamT5 has an Privilege Escalation vulnerability. Authenticated remote attackers with shell access can inject OS commands and execute them with root privileges.
Title TeamT5|ThreatSonar Anti-Ransomware - Privilege Escalation
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Teamt5 Threatsonar Anti-ransomware
cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published:

Updated: 2026-04-20T13:29:59.132Z

Reserved: 2026-04-09T10:34:45.794Z

Link: CVE-2026-5967

cve-icon Vulnrichment

Updated: 2026-04-20T13:29:56.457Z

cve-icon NVD

Status : Received

Published: 2026-04-20T09:16:09.430

Modified: 2026-04-20T09:16:09.430

Link: CVE-2026-5967

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T10:30:04Z

Weaknesses