Description
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory.
Scores
CVSS v4
5.8
EPSS
0.0002
EPSS Percentile
4.3%
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-426
Status
published
Products (3)
Zabbix/Zabbix
6.0.0 - 6.0.36
Zabbix/Zabbix
7.0.0 - 7.0.5
Zabbix/Zabbix
7.2.0 - 7.2.1
Published
Dec 01, 2025
Tracked Since
Feb 18, 2026