Vulnerabilities ›

CVE-2026-28372

High

CWE-829 — Weakness Type

                    Published: Feb 27, 2026                      ·  Modified: Feb 28, 2026                      ·  Source: NVD                

CVSS v3

7.4

🔗 NVD Official

📄 Description (English)

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.

🤖 AI Executive Summary

CVE-2026-28372 is a privilege escalation vulnerability in GNU inetutils telnetd through version 2.7 that exploits systemd service credentials in util-linux 2.40. An unprivileged local user can escalate privileges by manipulating the CREDENTIALS_DIRECTORY environment variable and creating a login.noauth file.

📄 Description (Arabic)

تسمح هذه الثغرة لمستخدم محلي غير متميز باستغلال دعم بيانات اعتماد systemd الجديد في telnetd لتصعيد الامتيازات. يتم الاستغلال من خلال التحكم في متغير البيئة CREDENTIALS_DIRECTORY وإنشاء ملف login.noauth.

🤖 ملخص تنفيذي (AI)

This vulnerability affects GNU inetutils telnetd versions up to 2.7 and allows local privilege escalation through systemd credentials abuse. Attackers can exploit the CREDENTIALS_DIRECTORY environment variable to gain elevated privileges on affected systems.

🤖 AI Intelligence Analysis Analyzed: May 5, 2026 02:32

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

government telecom banking energy

🎯 MITRE ATT&CK Techniques

T1548.004 T1134.003 T1574.008

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Update GNU inetutils to version 2.8 or later and util-linux to version 2.41 or newer. Restrict local user access to telnetd services, disable telnetd if not required, implement strict environment variable controls, and apply principle of least privilege for system accounts.

🔧 خطوات المعالجة (العربية)

قم بتحديث GNU inetutils إلى الإصدار 2.8 أو أحدث وutil-linux إلى الإصدار 2.41 أو أحدث. قيد وصول المستخدمين المحليين إلى خدمات telnetd، وعطل telnetd إذا لم تكن مطلوبة، وطبق عناصر تحكم صارمة في متغيرات البيئة، وطبق مبدأ أقل امتياز للحسابات النظامية.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

5.1.1 5.1.2 5.2.1

🔵 SAMA CSF

AC-2 AC-3 AC-6

🟡 ISO 27001:2022

A.9.1.1 A.9.2.1 A.9.4.3

🔗 References & Sources 5

🔗

https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/commit/?id=3953943d8296310485f98...

cve@mitre.org

🔗

https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00000.html

cve@mitre.org

🔗

https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00012.html

cve@mitre.org

🔗

https://www.openwall.com/lists/oss-security/2026/02/24/1

cve@mitre.org

🔗

http://www.openwall.com/lists/oss-security/2026/02/27/3

af854a3a-2127-422b-91ae-364da2661108

📊 CVSS Score

7.4

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack VectorL — Low / Local

Attack ComplexityH — High

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score7.4

CWECWE-829

EPSS0.01%

Exploit No

Patch ✓ Yes

Published 2026-02-27

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-829

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-28372

💬 Comments

Introduce Yourself

Sign In Required