CVE-2022-50927 | THREATINT

Description

Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. Attackers can exploit the default user configuration to gain root access by manipulating system binaries and leveraging unrestricted sudo permissions.

PUBLISHED Reserved 2026-01-11 | Published 2026-01-13 | Updated 2026-01-14 | Assigner VulnCheck

HIGH: 8.5CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

MEDIUM: 6.2CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

Incorrect Privilege Assignment

Product status

1.0.0 - 3.3.0

affected

References

www.exploit-db.com/exploits/50773 (ExploitDB-50773) exploit

www.vertiv.com/en-us/ (Vertiv Official Homepage) product

www.vulncheck.com/...nsole-server-local-privilege-escalation (VulnCheck Advisory: Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation) third-party-advisory

cve.org (CVE-2022-50927)

nvd.nist.gov (CVE-2022-50927)

Download JSON