Privilege escalation in Nozomi Networks Cmc

CVE-2026-33390

An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through th…

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2026-33390?
CVE-2026-33390 is a high-severity vulnerability in Nozomi Networks Cmc, classified under Incorrect Privilege Assignment. CVSS score: 8.1/10. Published 2026-07-09.
How severe is CVE-2026-33390?
High severity. CVSS v3 base score is 8.1 out of 10.