Skip to main content

upKeeper Instant Privilege Access EUVDEUVD-2026-38731

| CVE-2026-10745 HIGH
Improper Output Neutralization for Logs (CWE-117)
2026-06-24 upKeeper GHSA-772w-g99g-gjqj
7.9
CVSS 4.0 · Vendor: upKeeper
Share

Severity by source

Vendor (upKeeper) PRIMARY
7.9 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.8 MEDIUM

Remote unauthenticated input reaches logger (AV:N/AC:L/PR:N/UI:N); vulnerable component intact but downstream log integrity affected, so S:C with I:L and C:N/A:N.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N

Primary rating from Vendor (upKeeper).

CVSS VectorVendor: upKeeper

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jun 24, 2026 - 09:15 vuln.today
CVE Published
Jun 24, 2026 - 08:04 cve.org
HIGH 7.9

DescriptionCVE.org

Improper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log Injection-Tampering-Forging.

This issue affects upKeeper Instant Privilege Access: through 1.6.1.

AnalysisAI

Log injection in upKeeper Instant Privilege Access through 1.6.1 on Windows allows remote unauthenticated attackers to forge, tamper with, or inject crafted entries into application logs by smuggling unneutralized control characters through logged inputs. The flaw (CWE-117) does not directly compromise the upKeeper agent itself but produces high integrity, confidentiality, and availability impact on subsequent log-consuming systems (SIEM, audit pipelines). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify exposed upKeeper IPA endpoint
Delivery
Craft input with CRLF/control sequences
Exploit
Submit to logged request surface
Execution
Service writes unneutralized entry
Persist
SIEM parses forged record
Impact
Audit trail tampered, detections evaded

Vulnerability AssessmentAI

Exploitation Exploitation requires network reachability to an instance of upKeeper Instant Privilege Access version 1.6.1 or earlier running on Windows, and the attacker must be able to supply input to a code path that is written to the product's logs (typically the authentication, request, or session-management surface). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base of 7.9 is driven entirely by the subsequent-system metrics (SC:H/SI:H/SA:H) while the vulnerable-system impact is None - meaning the upKeeper agent itself is not compromised but downstream log consumers (SIEM, audit, IR tooling) suffer the impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker able to reach the upKeeper Instant Privilege Access service submits a privilege-request, login, or other logged input containing embedded newline and parser-control characters that splice a fabricated 'access granted' or 'session terminated' record into the audit log. When that log is ingested by the customer's SIEM, the forged entry can mask a real privilege escalation, frame another user, or break correlation rules. …
Remediation Patch available per vendor advisory at https://support.upkeeper.se/hc/en-us/articles/28408945088796-CVE-2026-10745-Improper-output-neutralization-for-logs - upgrade upKeeper Instant Privilege Access to a release later than 1.6.1 (exact fixed version not enumerated in the supplied data; confirm with upKeeper support). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Windows systems running upKeeper 1.6.1 or earlier and assess their network reachability; brief security operations and audit teams on log integrity risks. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-38731 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy