Skip to main content

File Integrity Monitoring Fim

1 CVEs product

Monthly

CVE-2026-12164 MEDIUM PATCH This Month

Incorrect privilege assignment in Fortra File Integrity Monitoring (FIM) versions prior to 9.4.0 causes the `tetool import` command to assign elevated or incorrect effective permissions to newly created users when FIM is actively running during import. The flaw is compounded when the import operation also creates or modifies roles or role-permission relationships, meaning users may silently receive access levels beyond what was configured. No public exploit has been identified at time of analysis, and the CVSS score of 4.9 (Medium) reflects the high-privilege prerequisite that limits realistic exposure to administrative misuse or insider threat scenarios.

Information Disclosure File Integrity Monitoring Fim
NVD VulDB
CVSS 3.1
4.4
EPSS
0.1%
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Incorrect privilege assignment in Fortra File Integrity Monitoring (FIM) versions prior to 9.4.0 causes the `tetool import` command to assign elevated or incorrect effective permissions to newly created users when FIM is actively running during import. The flaw is compounded when the import operation also creates or modifies roles or role-permission relationships, meaning users may silently receive access levels beyond what was configured. No public exploit has been identified at time of analysis, and the CVSS score of 4.9 (Medium) reflects the high-privilege prerequisite that limits realistic exposure to administrative misuse or insider threat scenarios.

Information Disclosure File Integrity Monitoring Fim
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy