CVE-2026-5373 describes a Privilege Escalation vulnerability within the runZero Platform. This flaw allows all-organization administrators to improperly promote accounts to superuser status, bypassing intended access controls. The vulnerability impacts versions from 0.0.0 through 4.0.260202.0 and has been resolved in version 4.0.260202.0.
The primary impact of CVE-2026-5373 is unauthorized access and control within the runZero Platform. An attacker acting as an all-organization administrator could exploit this flaw to elevate any account to superuser privileges. Superuser access grants complete control over the platform, including the ability to modify configurations, access sensitive data, and potentially compromise other systems integrated with runZero. The blast radius therefore extends to any data or systems managed through the runZero Platform, making this a significant security concern.
CVE-2026-5373 was publicly disclosed on 2026-04-07. As of this writing, there are no publicly available proof-of-concept exploits. The vulnerability is not currently listed on CISA KEV. The EPSS score is pending evaluation, but the HIGH CVSS score suggests a potential for exploitation if a suitable exploit is developed and becomes publicly available.
Organizations heavily reliant on runZero Platform for asset discovery and management are at significant risk. Specifically, deployments with a large number of all-organization administrators or those lacking robust access control policies are particularly vulnerable. Shared hosting environments utilizing runZero also pose an increased risk due to potential cross-tenant access.
EPSS: 0.03% (8th percentile)
The recommended mitigation for CVE-2026-5373 is to immediately upgrade the runZero Platform to version 4.0.260202.0 or later, which contains the fix. If an immediate upgrade is not feasible, carefully review all administrator accounts and their permissions. Implement multi-factor authentication (MFA) for all administrator accounts to add an extra layer of security. Monitor administrator activity logs for any suspicious behavior, particularly account promotions. After upgrading, confirm the fix by verifying that standard user accounts cannot be promoted to superuser status through the administrative interface.
Update the runZero Platform to version 4.0.260202.0 or later to mitigate the privilege escalation vulnerability. This update fixes an issue that allowed all-organization administrators to promote accounts to superuser, which could compromise the security of the system.
CVE-2026-5373 is a HIGH severity vulnerability allowing all-organization administrators to promote accounts to superuser status in runZero Platform, potentially granting unauthorized access.
If you are running runZero Platform versions 0.0.0–4.0.260202.0, you are potentially affected by this vulnerability. Upgrade immediately.
Upgrade to version 4.0.260202.0 or later to remediate the vulnerability. Review administrator permissions and implement MFA.
As of now, there are no confirmed reports of active exploitation, but the HIGH CVSS score warrants vigilance.
Refer to the official runZero security advisory for detailed information and updates: [https://www.runzero.io/security/advisories](https://www.runzero.io/security/advisories)