CVE-2022-50927
Unknown Unknown - Not Provided

Local Privilege Escalation in Cyclades Serial Console Server

Vulnerability report for CVE-2022-50927, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: VulnCheck

Description

Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricted sudo permissions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-07-06
AI Q&A
2026-01-14
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
cyclades serial_console_server 3.3.0
cyclades serial_console_server From 1.0.0 (inc) to 3.3.0 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2022-50927 is a local privilege escalation vulnerability in Cyclades Serial Console Server versions 1.0.0 through 3.3.0. It occurs because the default admin user and admin group have overly permissive sudo privileges, allowing local users to execute various system binaries without restriction. Attackers can exploit this by manipulating system binaries (for example, swapping /bin/bash and /bin/sed) to gain root access, effectively escalating their privileges on the system. [1, 2]

Impact Analysis

This vulnerability allows an attacker with local access to escalate their privileges to root, giving them full control over the affected system. This can lead to unauthorized access to sensitive data, modification or deletion of system files, and disruption of system availability. Essentially, it compromises the confidentiality, integrity, and availability of the system. [1, 2]

Detection Guidance

This vulnerability can be detected by inspecting the sudoers configuration for overly permissive sudo privileges assigned to the 'admin' user and 'admin' group. One method is to extract and mount the firmware image of the Cyclades Serial Console Server and check the sudoers file for unrestricted sudo access to system binaries such as /bin/mv. Commands to check sudo privileges locally include running 'sudo -l' as an admin user to list allowed commands. Additionally, inspecting the /etc/sudoers file or files in /etc/sudoers.d/ for entries granting unrestricted sudo access to the admin user/group can help detect the vulnerability. [1]

Mitigation Strategies

Immediate mitigation steps include removing or restricting the overly permissive sudo privileges assigned to the admin user and admin group. This involves editing the sudoers configuration to limit or remove unrestricted access to risky binaries such as /bin/mv. Applying software updates or patches that address this vulnerability, or upgrading to a newer, non-vulnerable version of the Cyclades Serial Console Server software, is also recommended. Additionally, limiting local user access to trusted users and monitoring for suspicious activity can help reduce risk. [1, 2]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50927. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart