First published 3 April 2023

CVSS 3.1: 7.8 (High)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

The configuration mechanism in IGEL OS has been found to have two vulnerabilities rated high. This affects the following IGEL products:

  • IGEL OS 11

Details

A penetration test commissioned by IGEL has found two instances of local privilege escalation in the IGEL OS configuration mechanism. A non-privileged user could employ these to become root on the local system. These issues are rated as high.

Update Instructions

  • Update to IGEL OS 11.08.290