Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Privilege chaining issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege.
AnalysisAI
Local privilege escalation in Fujitsu ServerView Agents for Windows V11.60.04 and earlier enables an authenticated low-privileged user to chain privileges and obtain SYSTEM-level access on the host. The flaw was reported by JPCERT/CC and is documented in JVN advisory JVN67883085 and FSAS Technologies advisory 0529; no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Technical ContextAI
ServerView Agents is Fujitsu's server management agent software, deployed on Windows-based PRIMERGY and related server platforms to expose hardware health, inventory, and monitoring data to ServerView Operations Manager. The root cause class is CWE-268 (Privilege Chaining), in which two or more lower-privileged actions or trust relationships can be combined to grant a level of access neither would provide alone - typical examples include a service running as SYSTEM that improperly trusts input from, invokes, or shares writable resources with a lower-privileged caller. The 'Microsoft' tag and Windows-only scope indicate the defect lies in how the agent's Windows service components interact with non-administrative local users on the same host.
RemediationAI
Upgrade ServerView Agents for Windows to a fixed release later than V11.60.04 as published in the FSAS Technologies advisory at https://www.fsastech.com/ja-jp/resources/security/2026/0529.html and cross-referenced by JVN67883085 at https://jvn.jp/en/jp/JVN67883085/; the exact fixed version string is not included in the supplied input, so confirm the target build directly from the vendor advisory before deploying. Until patched, restrict interactive and remote logon to the affected servers to administrators only via Group Policy ('Allow log on locally' and 'Allow log on through Remote Desktop Services'), remove standard-user accounts from these hosts, and audit ACLs on the ServerView installation directory and its Windows services with tools such as accesschk to detect any writable paths or service-modification rights held by non-admins. As a more disruptive fallback, stopping and disabling the ServerView Agent services will remove the attack surface at the cost of losing hardware monitoring telemetry to ServerView Operations Manager.
Same weakness CWE-268 – Privilege Chaining
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33572
GHSA-wvf7-cf8r-8fw5