Cloud Foundry Logo
blog single gear
Security Advisory

CVE-2026-47830 – Incorrect Permission Assignment Allows Local Privilege Escalation to SYSTEM via Executable Overwrite

Severity

High 

CVSSv4: High 8.5 (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)
CVSSv3: High 8.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Vendor

Cloud Foundry Foundation

Versions Affected

*Severity is High unless otherwise noted.

bosh-windows-stemcell-builder

– All versions prior to v2019.98

Description

Incorrect Permission Assignment in BOSH.Utils.psm1 in BOSH-Ecosystem bosh-windows-stemcell-builder allows low-privilege authenticated users to overwrite C:\bosh\service_wrapper.exe or C:\bosh\bosh-agent.exe and gain NT

AUTHORITY\SYSTEM on the next service restart or reboot. This can lead to full host control.

Mitigation

Users of affected products are strongly encouraged to follow the mitigations below.

Recommend upgrading the following releases:

bosh-windows-stemcell-builder

– version v2019.98 or greater

Credit

This issue was responsibly reported by VMware Tanzu by Broadcom.

History

July 8th: Initial vulnerability report published.

 

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES