Vulnerabilities (CVE)

Filtered by vendor Forta Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-9863 1 Forta 1 Core Privileged Access Manager 2026-07-09 N/A 7.5 HIGH
Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling.
CVE-2026-9862 1 Forta 1 Core Privileged Access Manager 2026-07-09 N/A 9.8 CRITICAL
Fortra's  Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.