What is CVE-2026-12164?

CVE-2026-12164 is a medium-severity vulnerability in Fortra File Integrity Monitoring (Fim), classified under Incorrect Privilege Assignment. CVSS score: 4.4/10. Published 2026-06-23.

How severe is CVE-2026-12164?

Medium severity. CVSS v3 base score is 4.4 out of 10.

Privilege escalation in Fortra File Integrity Monitoring (Fim)

CVE-2026-12164

Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the…

CVSS v3 metric

CVSS v3 base score 4.4 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N.

Affected products

Fortra File Integrity Monitoring (Fim) — versions 0

Weakness classification (CWE)

CWE-266 — Incorrect Privilege Assignment

References

df4dee71-de3a-4139-9588-11b62fe6c0ff

Frequently asked questions

What is CVE-2026-12164?: CVE-2026-12164 is a medium-severity vulnerability in Fortra File Integrity Monitoring (Fim), classified under Incorrect Privilege Assignment. CVSS score: 4.4/10. Published 2026-06-23.
How severe is CVE-2026-12164?: Medium severity. CVSS v3 base score is 4.4 out of 10.