CVE-2025-26397
BaseFortify
Publication date: 2025-07-24
Last updated on: 2025-11-12
Assigner: SolarWinds
Description
CVSS Scores
EPSS Scores
| Metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| solarwinds | observability_self-hosted | all versions before 2025.2.1 (2025.2.1 excluded) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in SolarWinds Observability Self-Hosted is a local privilege escalation issue caused by deserialization of untrusted data. An attacker who has low-level authenticated access and local access to the host server can exploit this flaw to escalate their privileges by running malicious files placed into permission-protected folders. [1]
How can this vulnerability impact me?
If exploited, this vulnerability allows an attacker with low-level access to escalate their privileges on the host server, potentially enabling them to execute malicious files with higher permissions. This can lead to unauthorized control over the system, data compromise, and disruption of services. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update your SolarWinds Observability Self-Hosted installation to the SolarWinds Platform 2025.2.1 service release, which includes fixes addressing this local privilege escalation issue. Additionally, restrict low-privilege authenticated users' local access to the host server and monitor for any unauthorized file executions in permission-protected folders. [1]