Privilege escalation in Nozomi Networks Cmc
CVE-2026-33390
An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through th…
CVSS v3 metric
CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H.
Affected products
- Nozomi Networks Cmc — versions 0
- Nozomi Networks Guardian — versions 0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2026-33390?
- CVE-2026-33390 is a high-severity vulnerability in Nozomi Networks Cmc, classified under Incorrect Privilege Assignment. CVSS score: 8.1/10. Published 2026-07-09.
- How severe is CVE-2026-33390?
- High severity. CVSS v3 base score is 8.1 out of 10.