Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Remote unauthenticated input reaches logger (AV:N/AC:L/PR:N/UI:N); vulnerable component intact but downstream log integrity affected, so S:C with I:L and C:N/A:N.
Primary rating from Vendor (upKeeper).
CVSS VectorVendor: upKeeper
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Improper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log Injection-Tampering-Forging.
This issue affects upKeeper Instant Privilege Access: through 1.6.1.
AnalysisAI
Log injection in upKeeper Instant Privilege Access through 1.6.1 on Windows allows remote unauthenticated attackers to forge, tamper with, or inject crafted entries into application logs by smuggling unneutralized control characters through logged inputs. The flaw (CWE-117) does not directly compromise the upKeeper agent itself but produces high integrity, confidentiality, and availability impact on subsequent log-consuming systems (SIEM, audit pipelines). …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network reachability to an instance of upKeeper Instant Privilege Access version 1.6.1 or earlier running on Windows, and the attacker must be able to supply input to a code path that is written to the product's logs (typically the authentication, request, or session-management surface). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base of 7.9 is driven entirely by the subsequent-system metrics (SC:H/SI:H/SA:H) while the vulnerable-system impact is None - meaning the upKeeper agent itself is not compromised but downstream log consumers (SIEM, audit, IR tooling) suffer the impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An unauthenticated attacker able to reach the upKeeper Instant Privilege Access service submits a privilege-request, login, or other logged input containing embedded newline and parser-control characters that splice a fabricated 'access granted' or 'session terminated' record into the audit log. When that log is ingested by the customer's SIEM, the forged entry can mask a real privilege escalation, frame another user, or break correlation rules. … |
| Remediation | Patch available per vendor advisory at https://support.upkeeper.se/hc/en-us/articles/28408945088796-CVE-2026-10745-Improper-output-neutralization-for-logs - upgrade upKeeper Instant Privilege Access to a release later than 1.6.1 (exact fixed version not enumerated in the supplied data; confirm with upKeeper support). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all Windows systems running upKeeper 1.6.1 or earlier and assess their network reachability; brief security operations and audit teams on log integrity risks. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Argument injection in upKeeper Instant Privilege Access through version 1.5.0 enables remote authenticated attackers to
Misconfigured .NET impersonation in upKeeper Instant Privilege Access through version 1.5.0 enables authenticated remote
Same weakness CWE-117 – Improper Output Neutralization for Logs
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38731
GHSA-772w-g99g-gjqj