{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-12164", "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "state": "PUBLISHED", "assignerShortName": "Fortra", "dateReserved": "2026-06-12T19:31:35.041Z", "datePublished": "2026-06-23T22:15:37.683Z", "dateUpdated": "2026-06-23T22:25:18.710Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "shortName": "Fortra", "dateUpdated": "2026-06-23T22:25:18.710Z"}, "title": "Privilege Escalation in Fortra File Integrity Monitoring (FIM)", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-266", "description": "CWE-266 Incorrect privilege assignment", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "affected": [{"vendor": "Fortra", "product": "File Integrity Monitoring (FIM)", "versions": [{"status": "affected", "version": "0", "lessThan": "9.4.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the\u00a0tetool import\u00a0command while FIM is running, particularly when the import also creates or changes roles or role-permission relationships.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission relationships."}]}], "references": [{"url": "https://www.fortra.com/security/advisories/product-security/fi-2026-010"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 4.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N"}}], "solutions": [{"lang": "en", "value": "Upgrade to version 9.4.0 or later.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Upgrade to version 9.4.0 or later."}]}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}}}

{}

{}

{}

{}