Ai Bolit
Monthly
Arbitrary root file overwrite in CloudLinux ai-bolit before v32.7.4 occurs when the scanner's malware de-obfuscation routines evaluate attacker-controlled content, enabling code injection that runs with the scanner's root privileges. A crafted file placed where ai-bolit will scan it triggers the flaw, letting an attacker overwrite arbitrary files as root and effectively take over the host. There is no public exploit identified at time of analysis, EPSS risk is modest (0.29%, 21st percentile), and it is not listed in CISA KEV.
Arbitrary root file overwrite in CloudLinux ai-bolit before v32.7.4 occurs when the scanner's malware de-obfuscation routines evaluate attacker-controlled content, enabling code injection that runs with the scanner's root privileges. A crafted file placed where ai-bolit will scan it triggers the flaw, letting an attacker overwrite arbitrary files as root and effectively take over the host. There is no public exploit identified at time of analysis, EPSS risk is modest (0.29%, 21st percentile), and it is not listed in CISA KEV.