CVE-2026-12164
Received Received - Intake
Fortra FIM Incorrect Permissions via tetool Import

Publication date: 2026-06-23

Last updated on: 2026-06-23

Assigner: Fortra

Description
Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission relationships.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-23
Last Modified
2026-06-23
Generated
2026-06-24
AI Q&A
2026-06-24
EPSS Evaluated
N/A
NVD
CVE-2026-12164
EUVD
EUVD-2026-38636
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
fortra file_integrity_monitoring to 9.4.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects Fortra File Integrity Monitoring (FIM), formerly known as Tripwire Enterprise, in versions prior to 9.4.0. It occurs when the tetool import command is used while FIM is running. Specifically, the issue may cause incorrect or elevated effective permissions to be assigned to users created by this import command, especially if the import also creates or modifies roles or role-permission relationships.

Impact Analysis

The vulnerability can lead to users having incorrect or elevated permissions, which means they might gain more access or control than intended. This can result in unauthorized actions or changes within the system, potentially compromising the integrity of monitored files or system security.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-12164. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart