CVE-2026-1346
Published: 08 April 2026
Summary
CVE-2026-1346 is a critical-severity Execution with Unnecessary Privileges (CWE-250) vulnerability in IBM Security Verify Access. Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The vulnerability is ranked at the 0.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
AC-6 enforces the principle of least privilege, directly preventing processes from executing with unnecessary root privileges that enable local authenticated users to escalate to root.
SI-2 ensures timely identification, reporting, and correction of flaws like this privilege escalation vulnerability through application of IBM-provided patches.
AC-3 enforces approved access control policies and mechanisms to restrict unauthorized privilege escalations by locally authenticated users.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE enables local root privilege escalation via unnecessary privileges (directly T1068); the changed scope and resulting host control also map to container escape (T1611).
NVD Description
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to escalate their privileges to root due to execution with unnecessary privileges than required.
Deeper analysis
CVE-2026-1346 is a privilege escalation vulnerability affecting multiple IBM security products, stemming from execution with unnecessary privileges (CWE-250). It impacts IBM Verify Identity Access Container versions 11.0 through 11.0.2, IBM Security Verify Access Container versions 10.0 through 10.0.9.1, IBM Verify Identity Access versions 11.0 through 11.0.2, and IBM Security Verify Access versions 10.0 through 10.0.9.1. The issue allows a locally authenticated user to elevate privileges to root level. Published on 2026-04-08, it carries a CVSS v3.1 base score of 9.3 (AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H), indicating critical severity with high impacts across confidentiality, integrity, and availability in a changed scope.
A local attacker with authenticated access to the system can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation grants root privileges, enabling full control over the affected container or host, including potential data exfiltration, modification of critical files, or disruption of services.
IBM has published a security bulletin at https://www.ibm.com/support/pages/node/7268253 providing details on the vulnerability and recommended mitigations or patches.
Details
- CWE(s)