Icinga Powershell Framework

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-24414 MEDIUM This Month

Icinga PowerShell Framework versions prior to 1.13.4, 1.12.4, and 1.11.2 expose private certificate keys due to overly permissive directory permissions that allow all local users read access to the certificate folder. A local attacker with user-level privileges can retrieve these private keys to impersonate the Icinga service or intercept monitoring communications. No patch is currently available; manual ACL restrictions on the certificate directory are required as a temporary mitigation.

Windows Icinga Powershell Framework

NVD GitHub

CVSS 3.1

5.5

EPSS

0.0%

CVE-2026-24414

EPSS 0% CVSS 5.5

MEDIUM This Month

Icinga PowerShell Framework versions prior to 1.13.4, 1.12.4, and 1.11.2 expose private certificate keys due to overly permissive directory permissions that allow all local users read access to the certificate folder. A local attacker with user-level privileges can retrieve these private keys to impersonate the Icinga service or intercept monitoring communications. No patch is currently available; manual ACL restrictions on the certificate directory are required as a temporary mitigation.

Windows Icinga Powershell Framework

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy