DIBT-CVE 20260526-0001 Unrestricted Service Account Password Reset (HIGH)

  • Classification: CWE-269 — Improper Privilege Management
  • Severity: High

Description:

The ltsudo set-passwd subcommand accepts user:password pairs on stdin and changes the password of any LARM user, including the larmapp service account. No authorization check restricts which accounts a superadmin-group user may modify.

Impact:
Any superadmin user can impersonate the larmapp service account via su - larmapp

Mitigation:

Upgrade to firmware version 8.4.18.