{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-33390","assignerOrgId":"bec8025f-a851-46e5-b3a3-058e6b0aa23c","state":"PUBLISHED","assignerShortName":"Nozomi","dateReserved":"2026-03-19T11:28:43.172Z","datePublished":"2026-07-09T07:23:30.236Z","dateUpdated":"2026-07-09T12:29:18.009Z"},"containers":{"cna":{"providerMetadata":{"orgId":"bec8025f-a851-46e5-b3a3-058e6b0aa23c","shortName":"Nozomi","dateUpdated":"2026-07-09T07:23:30.236Z"},"title":"Incorrect privilege assignment for Arc sensors in Guardian/CMC before 26.2.0","datePublic":"2026-07-07T07:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-266","description":"CWE-266 Incorrect privilege assignment","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-122","descriptions":[{"lang":"en","value":"CAPEC-122 Privilege Abuse"}]}],"affected":[{"vendor":"Nozomi Networks","product":"Guardian","versions":[{"status":"affected","version":"0","lessThan":"26.2.0","versionType":"semver"}],"defaultStatus":"unaffected"},{"vendor":"Nozomi Networks","product":"CMC","versions":[{"status":"affected","version":"0","lessThan":"26.2.0","versionType":"semver"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nozomi_networks:guardian:*:*:*:*:*:*:*:*","versionStartIncluding":"0","versionEndExcluding":"26.2.0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nozomi_networks:cmc:*:*:*:*:*:*:*:*","versionStartIncluding":"0","versionEndExcluding":"26.2.0"}]}]}],"descriptions":[{"lang":"en","value":"An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration, and/or affecting its availability.","supportingMedia":[{"type":"text/html","base64":false,"value":"An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration, and/or affecting its availability."}]}],"references":[{"url":"https://security.nozominetworks.com/NN-2026:13-01"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED","version":"4.0","baseSeverity":"HIGH","baseScore":7.2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseSeverity":"HIGH","baseScore":8.1,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}}],"workarounds":[{"lang":"en","value":"Review all enabled sensors and disallow or delete untrusted ones.","supportingMedia":[{"type":"text/html","base64":false,"value":"Review all enabled sensors and disallow or delete untrusted ones.<br>"}]}],"solutions":[{"lang":"en","value":"Upgrade to v26.2.0 or later.","supportingMedia":[{"type":"text/html","base64":false,"value":"Upgrade to v26.2.0 or later.<br>"}]}],"credits":[{"lang":"en","value":"This issue was found by Andrea Palanca of Nozomi Networks Product Security team during an internal investigation.","type":"finder"}],"source":{"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-07-09T12:28:05.263677Z","id":"CVE-2026-33390","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-07-09T12:29:18.009Z"}}]}}