CVE-2022-50927
Unknown Unknown - Not Provided
Local Privilege Escalation in Cyclades Serial Console Server

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: VulnCheck

Description
Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricted sudo permissions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50927
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
cyclades serial_console_server 3.3.0
cyclades serial_console_server From 1.0.0 (inc) to 3.3.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2022-50927 is a local privilege escalation vulnerability in Cyclades Serial Console Server versions 1.0.0 through 3.3.0. It occurs because the default admin user and admin group have overly permissive sudo privileges, allowing local users to execute various system binaries without restriction. Attackers can exploit this by manipulating system binaries (for example, swapping /bin/bash and /bin/sed) to gain root access, effectively escalating their privileges on the system. [1, 2]

Impact Analysis

This vulnerability allows an attacker with local access to escalate their privileges to root, giving them full control over the affected system. This can lead to unauthorized access to sensitive data, modification or deletion of system files, and disruption of system availability. Essentially, it compromises the confidentiality, integrity, and availability of the system. [1, 2]

Detection Guidance

This vulnerability can be detected by inspecting the sudoers configuration for overly permissive sudo privileges assigned to the 'admin' user and 'admin' group. One method is to extract and mount the firmware image of the Cyclades Serial Console Server and check the sudoers file for unrestricted sudo access to system binaries such as /bin/mv. Commands to check sudo privileges locally include running 'sudo -l' as an admin user to list allowed commands. Additionally, inspecting the /etc/sudoers file or files in /etc/sudoers.d/ for entries granting unrestricted sudo access to the admin user/group can help detect the vulnerability. [1]

Mitigation Strategies

Immediate mitigation steps include removing or restricting the overly permissive sudo privileges assigned to the admin user and admin group. This involves editing the sudoers configuration to limit or remove unrestricted access to risky binaries such as /bin/mv. Applying software updates or patches that address this vulnerability, or upgrading to a newer, non-vulnerable version of the Cyclades Serial Console Server software, is also recommended. Additionally, limiting local user access to trusted users and monitoring for suspicious activity can help reduce risk. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50927. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart