Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Local logon required (AV:L, PR:L); easily exploitable per Oracle (AC:L); no user interaction; gives full read of accessible data (C:H) and full OS crash (A:H) with no integrity impact (I:N).
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Solaris accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 7.1 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H).
AnalysisAI
Local privilege abuse in Oracle Solaris 11.4 allows a low-privileged authenticated user with logon access to the host to read sensitive filesystem data and trigger a complete denial of service of the operating system. Oracle's June 2026 Critical Patch Update lists this as easily exploitable through the Filesystem component, with a CVSS 3.1 base score of 7.1; no public exploit identified at time of analysis and the issue is not on the CISA KEV list.
Technical ContextAI
The flaw resides in the Filesystem component of Oracle Solaris 11.4, Oracle's enterprise UNIX platform commonly deployed on SPARC and x86 server infrastructure (CPE cpe:2.3:a:oracle_corporation:oracle_solaris:*). Although NVD does not assign a CWE, the combination of high confidentiality and high availability impact with no integrity impact, reached via local access, is characteristic of a filesystem access-control or resource-handling defect - for example improper permission enforcement on a virtual filesystem object or an unchecked condition that lets a local user read protected data and panic/hang the kernel. The 'Authentication Bypass' tag from the input intelligence suggests the underlying weakness may let a logged-in user reach data or operations normally gated by stronger filesystem authorization.
RemediationAI
Apply the Filesystem fixes from Oracle's June 2026 Critical Patch Update (https://www.oracle.com/security-alerts/cspujun2026.html) by installing the corresponding Solaris 11.4 SRU on every affected host - Patch available per vendor advisory; the specific patched SRU number is not included in the input data and should be taken directly from the CPU matrix. Until the SRU is deployed, reduce blast radius by restricting interactive logon on Solaris 11.4 systems to trusted administrators (tighten /etc/security/policy.conf, PAM, and RBAC profiles, and remove shell access for service or batch accounts), and monitor for unexpected system panics or hangs that could indicate exploitation attempts; the trade-off is reduced operational flexibility for shared-use hosts and possible disruption to automation accounts that legitimately need login. Do not rely on network controls alone - the vector is local (AV:L), so firewalling will not mitigate.
More in Oracle Solaris
View allSame weakness CWE-269 – Improper Privilege Management
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37233