Platform
nagios
Component
nagios-xi
Fixed in
2024R1.0.1
CVE-2024-14009 is a privilege escalation vulnerability in Nagios XI. An authenticated administrator can use it to perform actions outside the application's intended security boundary, potentially gaining root on the XI server. Versions prior to 2024R1.0.1 are affected; the fix ships in 2024R1.0.1.
The flaw lies in the System Profile feature of Nagios XI, which is intended for administrative diagnostics and configuration. An attacker who already holds administrative credentials can exploit improper access controls and unsafe handling of profile data to escalate from application administrator to root on the underlying XI server, and from there run arbitrary commands, alter system configuration, and compromise the host outright. The risk is significant because the attack bypasses application-level security controls and yields direct control of the host operating system, opening the door to data exfiltration, disruption of monitoring, and lateral movement across the network. Note that the prerequisite is an administrator account, so the exposure is the boundary between XI administrators and host root; the number of accounts holding administrative rights, and the credential hygiene around them, directly determines how reachable this flaw is.
CVE-2024-14009 was publicly disclosed on 2025-10-30. No public proof-of-concept exploit is known at the time of writing, and the vulnerability has not been added to the CISA KEV catalog. The current EPSS score is listed below.
Exploit Status
EPSS
0.20% (42nd percentile)
CISA SSVC
The primary mitigation for CVE-2024-14009 is to upgrade Nagios XI to version 2024R1.0.1 or later without delay. If that is not immediately feasible, restrict administrative access (and with it the System Profile feature) to the smallest set of trusted users, and review existing System Profile configurations for unexpected settings. A WAF or reverse proxy cannot address the flaw itself, since the attacker is already an authenticated administrator, but network segmentation and access controls on the XI server limit what a successful exploit can reach afterwards. After upgrading, confirm that the installed version reports 2024R1.0.1 or later before treating the host as remediated.
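As an added example for this page (it is not code from Nagios or from the advisory), the following Python script classifies Nagios XI version strings relative to the fixed release, so a fleet inventory can be triaged for CVE-2024-14009 in one pass. It handles both version schemes XI has used, the legacy dotted form such as "5.11.3" and the year-based form such as "2024R1.0.1". The key=value layout of the xiversion file (with a "full=" entry, at /usr/local/nagiosxi/var/xiversion on existing installs) is an assumption made here; the hostnames and versions in the sample inventory are constructed.

```python
"""Added example for this advisory page, not code from Nagios or the page's author.

Decides whether a Nagios XI version is older than the fixed release 2024R1.0.1
and therefore affected by CVE-2024-14009. The xiversion file layout
(key=value lines with a "full=" entry) is an assumption; verify it on your
own system before relying on it.
"""
import re
from typing import Dict, Tuple

FIXED_VERSION = "2024R1.0.1"

# Year-based scheme: "2024R1", "2024R1.0.1" -> (year, release, minor, patch)
_YEAR_FORM = re.compile(r"(\d{4})R(\d+)(?:\.(\d+))?(?:\.(\d+))?", re.IGNORECASE)
# Legacy dotted scheme: "5.11.3"
_DOTTED_FORM = re.compile(r"\d+(?:\.\d+)*")


def parse_xi_version(version: str) -> Tuple[int, int, int, int]:
    """Map a Nagios XI version string to a 4-tuple that sorts correctly.

    Legacy 5.x.y versions sort below every year-based version because their
    leading component (5) is far smaller than a year such as 2024.
    """
    v = version.strip()
    m = _YEAR_FORM.fullmatch(v)
    if m:
        year, release, minor, patch = m.groups()
        return (int(year), int(release), int(minor or 0), int(patch or 0))
    if _DOTTED_FORM.fullmatch(v):
        parts = [int(p) for p in v.split(".")]
        parts += [0] * (4 - len(parts))  # pad "5.11.3" -> (5, 11, 3, 0)
        return tuple(parts[:4])
    raise ValueError(f"unrecognised Nagios XI version string: {version!r}")


def is_affected(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when `version` predates the release that fixes CVE-2024-14009."""
    return parse_xi_version(version) < parse_xi_version(fixed)


def version_from_xiversion(text: str) -> str:
    """Pull the 'full=' value out of an xiversion file's contents (assumed layout)."""
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip() == "full":
            return value.strip()
    raise ValueError("no 'full=' line found in xiversion data")


def triage(inventory: Dict[str, str]) -> Dict[str, bool]:
    """Map host -> affected for a {host: version} inventory."""
    return {host: is_affected(ver) for host, ver in inventory.items()}


# Constructed sample inventory; hostnames and versions are illustrative only.
SAMPLE_INVENTORY = {
    "xi-prod-01": "5.11.3",      # legacy scheme, predates 2024R1
    "xi-prod-02": "2024R1",      # first year-based release, still affected
    "xi-lab-01": "2024R1.0.1",   # the fixed release
    "xi-lab-02": "2024R1.1.2",   # later release, not affected
}

# Constructed xiversion contents in the assumed key=value layout.
SAMPLE_XIVERSION = "full=2024R1.0.1\nmajor=2024\n"

if __name__ == "__main__":
    for host, affected in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {'AFFECTED - upgrade' if affected else 'ok'}")
    print("from xiversion:", version_from_xiversion(SAMPLE_XIVERSION))
```

The comparison is done on parsed tuples rather than on raw strings because a plain string comparison would rank "5.11.3" above "2024R1.0.1" and mis-classify every legacy install as patched.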
Upgrade Nagios XI to version 2024R1.0.1 or later. This update fixes the privilege escalation vulnerability in the System Profile component. The upgrade can be performed through the Nagios XI administration interface or by downloading the latest version from the Nagios website.
CVE-2024-14009 is a vulnerability in Nagios XI versions prior to 2024R1.0.1 that allows an authenticated administrator to escalate privileges and potentially gain root access to the XI server.
If you are running any Nagios XI version prior to 2024R1.0.1, you are affected by this vulnerability. Upgrade to version 2024R1.0.1 or later to remediate it.
The recommended fix is to upgrade Nagios XI to version 2024R1.0.1 or a later version that includes the security patch. Restricting access to the System Profile feature can provide a temporary workaround.
As of 2025-10-30, there are no confirmed reports of active exploitation of CVE-2024-14009, but it's crucial to apply the patch promptly.
Please refer to the official Nagios XI security advisory for detailed information and updates regarding CVE-2024-14009: [https://support.nagios.com/kb/article/137677/nagios-xi-security-advisory-cve-2024-14009/]