Cyber Posture

CVE-2026-2749

Critical

Published: 27 February 2026

Modified: 23 March 2026
KEV Added
Patch
CVSS Score: 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0012 (30.9th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Description

Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Ticket modules). This issue affects Centreon Open Tickets on Central Server: all versions before 25.10.3, 24.10.8, 24.04.7.

Mitigating Controls (NIST 800-53 r5) [AI]

prevent

Directly mitigates the path traversal vulnerability by requiring timely remediation through patching to the vendor-recommended fixed versions.

prevent

Prevents exploitation of path traversal by enforcing validation of user inputs used in file path operations within the Centreon Open Tickets module.

prevent

Enforces logical access controls to block unauthorized file access and modifications enabled by the path traversal flaw despite low-privilege authentication.

Security Summary [AI]

CVE-2026-2749 is a path traversal vulnerability (CWE-22) in the Centreon Open Tickets module on Centreon Central Server running on Linux. It affects all versions prior to 25.10.3, 24.10.8, and 24.04.7. Published on 2026-02-27, it carries a CVSS v3.1 base score of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H), which is critical severity because of its potential for high impact on confidentiality, integrity, and availability.

The vulnerability can be exploited over the network by an authenticated attacker with low privileges, with low attack complexity and no user interaction. Exploitation enables high-impact outcomes, including unauthorized access to sensitive data, modification of system files, and disruption of services, amplified by a scope change that extends the impact beyond the vulnerable component to the broader system.

The official Centreon security bulletin at https://thewatch.centreon.com/latest-security-bulletins-64/cve-2026-2749-centreon-open-tickets-critical-severity-5493 details the issue and recommends mitigation by upgrading to Centreon Open Tickets versions 25.10.3, 24.10.8, 24.04.7, or later.

Details

CWE(s)

Affected Products

centreon
open tickets
≤ 24.04.7 · 24.10.0 — 24.10.8 · 25.10.0 — 25.10.3

MITRE ATT&CK Enterprise Techniques [AI]

T1190 · Exploit Public-Facing Application · Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1068 · Exploitation for Privilege Escalation · Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

T1083 · File and Directory Discovery · Discovery
Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system.

T1005 · Data from Local System · Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

Why these techniques?

Path traversal (CWE-22) in the Centreon web module allows authenticated remote attackers to exploit a public-facing application (T1190), escalate privileges via the scope change (T1068), discover files and directories (T1083), and access data from the local system (T1005), including sensitive data and system files.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
