Fleet is open-source device management software, and a vulnerability has been identified affecting versions up to and including 4.81.0. This command injection flaw in the Orbit agent's FileVault disk-encryption key rotation process lets a local, unprivileged user inject arbitrary Tcl commands into a script that runs with root privileges, and so potentially escalate to root. The vulnerability is resolved in version 4.81.1; users are advised to upgrade promptly.
Exploitation status
EPSS
0.01% (2nd percentile)
CISA SSVC
Update to version 4.81.1 or later to mitigate the vulnerability. This update fixes the Tcl command injection by properly validating user-supplied input before executing scripts.
CVE-2026-27806 is a command injection vulnerability in Fleet's Orbit agent. A local user can inject Tcl commands into a script that is executed with root privileges during FileVault key rotation, potentially leading to privilege escalation.
You are affected if you are running Fleet version 4.81.0 or earlier; every version prior to 4.81.1 is vulnerable to this command injection flaw.
Upgrade Fleet to version 4.81.1 or later to resolve this vulnerability. That release prevents the command injection by validating user input before it reaches the script.
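To make the mechanism concrete, the following Go example (added here; it is not Fleet or Orbit code) shows the pattern the advisory describes, a caller-supplied string spliced into the text of an expect/Tcl script that a root process then evaluates, beside two hardened forms: rejecting or escaping Tcl metacharacters, and keeping the secret out of the script text by passing it through the environment. The fdesetup command line, the prompts, the helper names and the FV_PASSWORD variable are all assumptions made for this illustration.

```go
package main

import (
	"fmt"
	"os"
	"os/exec"
	"strings"
)

// Added illustrative code, not Fleet/Orbit source. It assumes the rotation is
// driven by an expect (Tcl) script handed to a root-run interpreter, as the
// advisory describes; the script text, helper names and FV_PASSWORD are invented.

// tclMetachars are the characters Tcl still interprets inside a double-quoted
// word: command substitution [...], variable substitution $, backslash escapes
// and the closing quote itself.
const tclMetachars = "[]$\\\""

// BuildRotationScriptVulnerable splices caller-supplied strings straight into
// the script. With password `x[exec touch /tmp/pwned]`, Tcl runs the bracketed
// command (as root) while evaluating the send line, before fdesetup sees it.
func BuildRotationScriptVulnerable(username, password string) string {
	return fmt.Sprintf(`spawn fdesetup changerecovery -personal
expect "Enter the user name:"
send "%s\r"
expect "Enter the password for user '%s':"
send "%s\r"
expect eof
`, username, username, password)
}

// ContainsTclMetachars reports whether s could change the meaning of a
// double-quoted Tcl word it is spliced into. Rejecting such input is the
// "validate before executing" mitigation.
func ContainsTclMetachars(s string) bool {
	return strings.ContainsAny(s, tclMetachars)
}

// TclEscape backslash-escapes every metacharacter so that s, placed between
// double quotes, is seen by Tcl as literal text.
func TclEscape(s string) string {
	var b strings.Builder
	for _, r := range s {
		if strings.ContainsRune(tclMetachars, r) {
			b.WriteByte('\\')
		}
		b.WriteRune(r)
	}
	return b.String()
}

// BuildRotationScriptHardened keeps the secret out of the script text entirely.
// The caller exports it as FV_PASSWORD; Tcl substitutes $env(FV_PASSWORD) once
// and never re-parses the result, so no byte of the password can become code.
// "send --" also stops a password beginning with "-" being read as a flag.
func BuildRotationScriptHardened(username string) string {
	u := TclEscape(username)
	return fmt.Sprintf(`spawn fdesetup changerecovery -personal
expect "Enter the user name:"
send "%s\r"
expect "Enter the password for user '%s':"
send -- "$env(FV_PASSWORD)\r"
expect eof
`, u, u)
}

// RotationCommand builds (but does not start) the expect invocation: the script
// arrives on stdin ("-" tells expect to read it there) and the secret only
// through the process environment.
func RotationCommand(username, password string) *exec.Cmd {
	cmd := exec.Command("expect", "-")
	cmd.Stdin = strings.NewReader(BuildRotationScriptHardened(username))
	cmd.Env = append(os.Environ(), "FV_PASSWORD="+password)
	return cmd
}

func main() {
	evil := "x[exec touch /tmp/pwned]"
	fmt.Println("vulnerable script:\n" + BuildRotationScriptVulnerable("alice", evil))
	fmt.Println("metacharacters present:", ContainsTclMetachars(evil))
	fmt.Println("escaped:", TclEscape(evil))
	fmt.Println("hardened script:\n" + BuildRotationScriptHardened("alice"))
}
```

Of the two hardened forms, passing the secret out of band is preferable: escaping has to be complete for the exact quoting context (double quotes here; braces would need a different rule), whereas a value that never enters the script text cannot be misparsed at all.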
CVSS vector