CVE-2026-33390
Received Received - Intake

Incorrect Privilege Assignment in Arc Sensor CLI Sync

Vulnerability report for CVE-2026-33390, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-09

Assigner: Nozomi Networks Inc.

Description

An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration, and/or affecting its availability.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-09
Generated
2026-07-09
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
nozomi_networks guardian to 26.2.0 (exc)
nozomi_networks cmc to 26.2.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-33390 is an Incorrect Privilege Assignment vulnerability found in Guardian and CMC devices before version 26.2.0. It occurs because Arc sensors receive CLI permissions during synchronization. This means that an authenticated user with limited privileges can push administrative CLI commands through the sync process.

As a result, such a user can alter the device configuration or affect the device's availability, which should normally require higher privileges.

Impact Analysis

This vulnerability allows an authenticated user with limited privileges to execute administrative commands on affected devices. This can lead to unauthorized modification of device configurations or disruption of device availability.

Such impacts could compromise the stability and security of your network infrastructure, potentially leading to downtime or misconfiguration.

Mitigation Strategies

To mitigate the vulnerability, users should review and remove any untrusted Arc sensors that may have been granted CLI permissions during synchronization.

Additionally, upgrading the Guardian and CMC devices to version 26.2.0 or later is recommended to address this issue.

Detection Guidance

This vulnerability involves Arc sensors receiving CLI permissions during synchronization, which allows authenticated users with limited privileges to execute administrative commands. Detection involves reviewing the synchronization configurations and permissions assigned to Arc sensors.

To detect this vulnerability on your system, you should:

  • Check if any Arc sensors have been granted CLI permissions during synchronization.
  • Review device synchronization logs for unusual administrative command executions by users with limited privileges.
  • Identify and remove any untrusted sensors that may have elevated permissions.

Specific commands are not provided in the available resources. However, typical steps might include querying device configurations and synchronization settings to verify sensor permissions and reviewing audit logs for unauthorized CLI command usage.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33390. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart