CVE-2026-5967
Received - Intake
Privilege Escalation in ThreatSonar Anti-Ransomware via OS Command Injection

Publication date: 2026-04-20

Last updated on: 2026-04-20

Assigner: TWCERT/CC

Description
ThreatSonar Anti-Ransomware developed by TeamT5 has a Privilege Escalation vulnerability. Authenticated remote attackers with shell access can inject OS commands and execute them with root privileges.
Meta Information
Published: 2026-04-20
Last Modified: 2026-04-20
Generated: 2026-06-16
AI Q&A: 2026-04-20
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
teamt5 threatsonar_anti_ransomware *
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Compliance Impact

The CVE-2026-5967 vulnerability allows authenticated remote attackers to escalate privileges and execute commands with root access, leading to full system compromise.

Such a vulnerability impacts confidentiality, integrity, and availability of data at high levels, which are critical aspects in compliance with standards like GDPR and HIPAA.

Failure to mitigate this vulnerability could result in unauthorized access to sensitive data, potentially violating data protection and privacy regulations.

Mitigation by installing the vendor-provided hotpatch is recommended to reduce the risk and help maintain compliance.

Mitigation Strategies

To mitigate the CVE-2026-5967 vulnerability in ThreatSonar Anti-Ransomware versions 4.0.0 and earlier, you should install the hotpatch or patch version 20260302 provided by the vendor.

This patch addresses the privilege escalation flaw that allows authenticated remote attackers with shell access to inject and execute OS commands with root privileges.

Executive Summary

This vulnerability exists in ThreatSonar Anti-Ransomware developed by TeamT5. It is a Privilege Escalation vulnerability that allows authenticated remote attackers who already have shell access to inject operating system commands and execute them with root privileges.

Impact Analysis

The impact of this vulnerability is severe because it allows attackers with limited privileges to escalate their access to root level. This means they can execute any command on the affected system with the highest level of privileges, potentially leading to full system compromise, data theft, or disruption of services.
