ZDI-26-248: NoMachine External Control of File Path Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2026-5054.
AI Analysis
Technical Summary
This vulnerability in NoMachine is an instance of external control of a file path (CWE-73): file paths supplied through command-line parameters are used in file operations without sufficient validation. A local attacker who can already run low-privileged code on the host can steer those file operations onto files that the privileged NoMachine component is able to modify, and so escalate to root and execute arbitrary code with elevated privileges. The Zero Day Initiative assigned CVE-2026-5054 a CVSS score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). NoMachine fixed the vulnerability in version 9.4.14.
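The bug class named in the title, external control of a file path, is easiest to see in a small privileged helper. The following is an added, constructed example: it is not NoMachine's code and does not reproduce the specific ZDI-26-248 code path; the helper itself, the `nx-state` directory name and the `session.log` file name are assumptions made for illustration. The vulnerable form writes to whatever path it is handed, so a symlink planted by the low-privileged caller redirects the write. The hardened form walks the path component by component under a directory descriptor with `O_NOFOLLOW`, which rejects symlinks and `..` without the check-then-open race that a `realpath`-followed-by-`open` validation leaves.

```python
"""
CWE-73 (external control of file path) in a privileged helper, vulnerable
form beside a race-free containment check.  Constructed example; not
NoMachine code and not the ZDI-26-248 code path.
"""
import os
import tempfile

STATE_DIR_NAME = "nx-state"  # assumed: the directory a hypothetical root helper writes into


class PathRejected(Exception):
    """Raised when a caller-supplied path fails containment checks."""


def vulnerable_write(path: str, data: bytes) -> None:
    """The bug class: a privileged helper trusts a path from its command line
    and writes to it.  open() follows symlinks, so a link planted by the
    unprivileged caller redirects the write to any file the helper's uid can modify."""
    with open(path, "wb") as f:
        f.write(data)


def open_under(root_fd: int, rel_path: str, flags: int, mode: int = 0o600) -> int:
    """Open rel_path strictly inside the directory root_fd refers to.

    Absolute paths and '', '.' and '..' components are refused outright; each
    remaining component is opened relative to the previous directory fd with
    O_NOFOLLOW, so a symlink anywhere in the chain fails with ELOOP and a
    directory swapped out between steps cannot redirect the walk."""
    if rel_path == "" or rel_path.startswith("/"):
        raise PathRejected("absolute or empty path")
    parts = rel_path.split("/")
    if any(p in ("", ".", "..") for p in parts):
        raise PathRejected("empty, '.' or '..' path component")
    fd = os.dup(root_fd)
    try:
        for comp in parts[:-1]:
            nfd = os.open(comp, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW, dir_fd=fd)
            os.close(fd)
            fd = nfd
        return os.open(parts[-1], flags | os.O_NOFOLLOW, mode, dir_fd=fd)
    finally:
        os.close(fd)


def safe_write(state_dir: str, rel_path: str, data: bytes) -> None:
    """Hardened counterpart of vulnerable_write: rel_path must stay under state_dir."""
    root_fd = os.open(state_dir, os.O_RDONLY | os.O_DIRECTORY)
    try:
        fd = open_under(root_fd, rel_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC)
    finally:
        os.close(root_fd)
    with os.fdopen(fd, "wb") as f:
        f.write(data)


def _read(path: str) -> bytes:
    with open(path, "rb") as f:
        return f.read()


def demo() -> dict:
    """Constructed scenario in a throwaway directory: a file the helper's uid
    owns ('sensitive.conf') and, inside the state directory, a symlink to it
    planted by the low-privileged caller under the name the helper expects."""
    top = tempfile.mkdtemp(prefix="cwe73-")
    sensitive = os.path.join(top, "sensitive.conf")
    with open(sensitive, "wb") as f:
        f.write(b"original\n")
    state = os.path.join(top, STATE_DIR_NAME)
    os.mkdir(state)
    link = os.path.join(state, "session.log")
    os.symlink(sensitive, link)             # the attacker-controlled redirection

    vulnerable_write(link, b"clobbered\n")  # lands on sensitive.conf via the link
    after_vuln = _read(sensitive)

    with open(sensitive, "wb") as f:        # reset before the hardened run
        f.write(b"original\n")
    rejected = {}
    for p in ("session.log", "../sensitive.conf", "/etc/passwd", "sub/../session.log"):
        try:
            safe_write(state, p, b"clobbered\n")
            rejected[p] = None              # would mean the check failed
        except (PathRejected, OSError) as e:
            rejected[p] = type(e).__name__  # OSError here is ELOOP from O_NOFOLLOW
    safe_write(state, "ok.log", b"fine\n")  # an honest relative path still works
    return {
        "after_vuln": after_vuln,
        "after_safe": _read(sensitive),
        "rejected": rejected,
        "ok": _read(os.path.join(state, "ok.log")),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The component walk needs `dir_fd` support, so it runs on Linux and macOS but not Windows. On Linux 5.6 and later the same containment is available in a single syscall through `openat2` with `RESOLVE_BENEATH`, which is the preferable primitive in native code; the walk above is the portable equivalent.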
Potential Impact
Successful exploitation allows a local attacker with limited privileges to escalate to root and take full control of the affected system, with high confidentiality, integrity and availability impact (C:H/I:H/A:H). The attack vector is local (AV:L): the vulnerability is not exploitable remotely without a prior foothold on the host. Note that NoMachine is itself a remote-access product, so any account that can open a NoMachine session to the host already meets the low-privileged code execution precondition.
Mitigation Recommendations
NoMachine has released an official fix in version 9.4.14. Users should upgrade to this version or later to remediate the vulnerability. Since this is a local privilege escalation, applying the patch and limiting which accounts can run code on affected hosts (including which accounts may log in through NoMachine) are the primary mitigations. NoMachine is not a cloud service; the patch must be applied by system administrators on every host running the software, and the installed version should be verified after upgrading rather than assumed.
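A fleet check for the fix level, as an added example rather than a NoMachine or ZDI tool. The fixed version 9.4.14 comes from the advisory; the binary locations in `NXSERVER_CANDIDATES` and the assumption that `nxserver --version` prints the version as `x.y.z` somewhere in its output are assumptions and should be confirmed against an installed copy. The comparison is done numerically on purpose: a lexical string comparison reports 9.4.9 as newer than 9.4.14.

```python
"""
Fleet check for the ZDI-26-248 fix level.  Added example, not a NoMachine or
ZDI tool.  Assumed (not from the advisory): nxserver lives at one of the paths
in NXSERVER_CANDIDATES and prints its version as x.y.z in "nxserver --version".
"""
import os
import re
import subprocess
from typing import Optional, Tuple

Version = Tuple[int, int, int]

FIXED_VERSION: Version = (9, 4, 14)          # from the advisory
NXSERVER_CANDIDATES = [                      # assumed install paths
    "/usr/NX/bin/nxserver",
    "/Applications/NoMachine.app/Contents/Frameworks/bin/nxserver",
]


def parse_version(text: str) -> Optional[Version]:
    """Pull the first dotted x.y.z out of arbitrary banner text."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    return (int(m.group(1)), int(m.group(2)), int(m.group(3))) if m else None


def is_fixed(version: Version, fixed: Version = FIXED_VERSION) -> bool:
    """Component-wise numeric comparison.  Comparing the strings instead is the
    classic mistake: "9.4.9" > "9.4.14" lexically, yet 9.4.9 is a vulnerable build."""
    return version >= fixed


def assess(banner: str) -> dict:
    """Classify a version banner as fixed, VULNERABLE or unknown."""
    v = parse_version(banner)
    if v is None:
        return {"version": None, "status": "unknown"}
    return {"version": v, "status": "fixed" if is_fixed(v) else "VULNERABLE"}


def read_installed_banner(candidates=NXSERVER_CANDIDATES) -> Optional[str]:
    """Run the first nxserver found with --version; None if none is installed."""
    for path in candidates:
        if not os.path.isfile(path):
            continue
        try:
            proc = subprocess.run([path, "--version"], capture_output=True,
                                  text=True, timeout=15)
        except (OSError, subprocess.SubprocessError):
            continue
        return proc.stdout + proc.stderr
    return None


def main() -> None:
    banner = read_installed_banner()
    if banner is None:
        print("nxserver not found; NoMachine does not appear to be installed")
        return
    print(assess(banner))


if __name__ == "__main__":
    main()
```

Run it under a configuration-management or EDR script hook so that a host reporting `VULNERABLE` or `unknown` is queued for remediation rather than silently passing; `unknown` usually means the binary lives somewhere other than the assumed paths.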
Technical Details
- Article Source: http://www.zerodayinitiative.com/advisories/ZDI-26-248/ (fetched 2026-05-26T19:59:22Z)
- Added to database: 5/26/2026, 8:03:31 PM
- Last updated: 5/27/2026, 4:56:07 AM