CVE-2026-5384
Received Received - Intake

Incorrect Authorization in runZero Platform Allows Credential Update Abuse

Vulnerability report for CVE-2026-5384, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-07

Last updated on: 2026-04-21

Assigner: 44488dab-36db-4358-99f9-bc116477f914

Description

An issue that could allow a credential to be updated and used for a task from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N (5.8 Medium). This issue was fixed in version 4.0.26021.0 of the runZero Platform.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-07
Last Modified
2026-04-21
Generated
2026-07-06
AI Q&A
2026-04-07
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
runzero runzero_platform to 4.0.26021.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-5384 is a vulnerability in the runZero Platform related to incorrect authorization (CWE-863). It allows an authenticated user who has confidential information about a target organization to update and use a credential for tasks outside their authorized organizational scope.

This means the user can perform actions and access credentials in organizations they normally should not have access to, effectively bypassing intended access controls.

Impact Analysis

The vulnerability can lead to unauthorized access to confidential credentials and allow execution of tasks outside the authorized organizational boundaries.

This unauthorized access can compromise the confidentiality of sensitive information, potentially exposing credentials that should remain restricted.

The CVSS score indicates a medium severity with a high confidentiality impact but no impact on integrity or availability.

Detection Guidance

This vulnerability involves an authenticated user being able to update and use credentials outside their authorized organizational scope in the runZero Platform. Detection would require monitoring for unauthorized credential updates or usage across organizational boundaries.

Since the vulnerability requires high privileges and network access, detection could involve auditing logs for credential changes or task executions that cross organizational scopes.

The provided resources do not include specific commands or tools to detect this vulnerability on your network or system.

Mitigation Strategies

The immediate mitigation step is to upgrade the runZero Platform to version 4.0.26021.0 or later, where this vulnerability has been fixed.

Additionally, restrict access to users with high privileges and monitor credential updates to ensure they occur only within authorized organizational scopes.

Compliance Impact

This vulnerability allows an authenticated user to update and use credentials outside their authorized organizational scope, potentially exposing confidential credentials associated with other organizations. Such unauthorized access to confidential information could lead to violations of data protection and privacy regulations like GDPR and HIPAA, which require strict access controls and protection of sensitive data.

Because the vulnerability impacts confidentiality by enabling unauthorized viewing of credentials, it may increase the risk of non-compliance with standards that mandate confidentiality and proper authorization mechanisms.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5384. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart