ByteOS Network

CVE Vulnerability Details :

CVE-2026-6265

PUBLISHED

More Info Official Page

Assigner-NCSC-FI

Assigner Org ID-db4dfee8-a97e-4877-bfae-eba6d14a2166

Published At-27 Apr, 2026 | 13:00

Updated At-27 Apr, 2026 | 13:58

▼CVE Numbering Authority (CNA)

Local Privilege Escalation in Cerberus FTP Server =< 2025.4.2

Insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows Privilege Escalation.This issue has been resolved in Cerberus FTP Server: 2026.1

Affected Products

Vendor

Cerberus

Product

Cerberus FTP Server

Platforms

Windows

Default Status

unaffected

Versions

Affected

From 0 through 2025.4.2 (custom)

Unaffected

2026.1

Problem Types

Type	CWE ID	Description
CWE	CWE-278	CWE-278 Insecure preserved inherited permissions

Type: CWE

CWE ID: CWE-278

Description: CWE-278 Insecure preserved inherited permissions

Metrics

Version	Base score	Base severity	Vector
4.0	7.3	HIGH	CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Version: 4.0

Base score: 7.3

Base severity: HIGH

Vector:

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Impacts

CAPEC ID	Description
CAPEC-233	CAPEC-233 Privilege Escalation

CAPEC ID: CAPEC-233

Description: CAPEC-233 Privilege Escalation

Credits

finder

Sharan Patil with Reversec

References

Hyperlink	Resource
https://www.cerberusftp.com/releasenotes/	release-notes
https://labs.reversec.com/advisories/2026/04/cerberus-ftp-server-elevation-of-privileges	third-party-advisory

Hyperlink: https://www.cerberusftp.com/releasenotes/

Resource:

release-notes

Hyperlink: https://labs.reversec.com/advisories/2026/04/cerberus-ftp-server-elevation-of-privileges

Resource:

third-party-advisory

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Metrics Other Info

References

Hyperlink	Resource
https://labs.reversec.com/advisories/2026/04/cerberus-ftp-server-elevation-of-privileges	exploit

Hyperlink: https://labs.reversec.com/advisories/2026/04/cerberus-ftp-server-elevation-of-privileges

Resource:

exploit

Affected Products

Affected

Unaffected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References