{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2450", "assignerOrgId": "80f39f49-2521-4ee7-9e17-af5d55e8032f", "state": "PUBLISHED", "assignerShortName": "upKeeper", "dateReserved": "2026-02-13T09:53:47.576Z", "datePublished": "2026-04-14T12:07:44.265Z", "dateUpdated": "2026-04-14T13:14:16.443Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "80f39f49-2521-4ee7-9e17-af5d55e8032f", "shortName": "upKeeper", "dateUpdated": "2026-04-14T12:07:44.265Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-520", "description": "CWE-520 .NET misconfiguration: use of impersonation", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-30", "descriptions": [{"lang": "en", "value": "CAPEC-30 Hijacking a Privileged Thread of Execution"}]}], "affected": [{"vendor": "upKeeper Solutions", "product": "upKeeper Instant Privilege Access", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "1.5.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": ".NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0.", "supportingMedia": [{"type": "text/html", "base64": false, "value": ".NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.<p>This issue affects upKeeper Instant Privilege Access: through 1.5.0.</p>"}]}], "references": [{"url": "https://support.upkeeper.se/hc/en-us/articles/26783542353692-CVE-2026-2450-NET-misconfiguration-use-of-impersonation"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 7.4, "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:H/SI:H/SA:H"}}], "credits": [{"lang": "en", "value": "Tony Nilsson", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2450", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T13:01:09.531969Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T13:14:16.443Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2450", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T13:01:09.531969Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T13:08:44.331Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Tony Nilsson"}], "impacts": [{"capecId": "CAPEC-30", "descriptions": [{"lang": "en", "value": "CAPEC-30 Hijacking a Privileged Thread of Execution"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:H/SI:H/SA:H", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "upKeeper Solutions", "product": "upKeeper Instant Privilege Access", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.5.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://support.upkeeper.se/hc/en-us/articles/26783542353692-CVE-2026-2450-NET-misconfiguration-use-of-impersonation"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": ".NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0.", "supportingMedia": [{"type": "text/html", "value": ".NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.<p>This issue affects upKeeper Instant Privilege Access: through 1.5.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-520", "description": "CWE-520 .NET misconfiguration: use of impersonation"}]}], "providerMetadata": {"orgId": "80f39f49-2521-4ee7-9e17-af5d55e8032f", "shortName": "upKeeper", "dateUpdated": "2026-04-14T12:07:44.265Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2450", "state": "PUBLISHED", "dateUpdated": "2026-04-14T13:14:16.443Z", "dateReserved": "2026-02-13T09:53:47.576Z", "assignerOrgId": "80f39f49-2521-4ee7-9e17-af5d55e8032f", "datePublished": "2026-04-14T12:07:44.265Z", "assignerShortName": "upKeeper"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": ".NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0."}], "id": "CVE-2026-2450", "lastModified": "2026-04-17T15:24:57.753", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "80f39f49-2521-4ee7-9e17-af5d55e8032f", "type": "Secondary"}]}, "published": "2026-04-14T13:16:22.333", "references": [{"source": "80f39f49-2521-4ee7-9e17-af5d55e8032f", "url": "https://support.upkeeper.se/hc/en-us/articles/26783542353692-CVE-2026-2450-NET-misconfiguration-use-of-impersonation"}], "sourceIdentifier": "80f39f49-2521-4ee7-9e17-af5d55e8032f", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-520"}], "source": "80f39f49-2521-4ee7-9e17-af5d55e8032f", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.5.0]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "matching", "scores": [{"score": 99.0, "source": "matching"}]}, "original": {"product": "upKeeper Instant Privilege Access", "source": "cna", "vendor": "upKeeper Solutions"}, "product": "upkeeper_instant_privlege_access", "vendor": "upkeeper_solutions"}], "analysis": {"en": {"generated_at": "2026-04-14T13:20:15.097614+00:00", "value": {"mitigation_remediation": ["Apply the latest update for upKeeper Instant Privilege Access, upgrading to a version beyond 1.5.0 as released by the vendor.", "Verify that impersonation settings are disabled or correctly configured to prevent unauthorized thread hijacking.", "Implement logging and monitoring of thread activity to detect any anomalous hijacking attempts."], "summary": {"action": "Immediate Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The issue affects upKeeper Solutions\u2019 upKeeper Instant Privilege Access application. Versions up to and including 1.5.0 are vulnerable. No other product or vendor information is specified.", "description_and_impact": "The vulnerability stems from a .NET misconfiguration that permits the use of impersonation in upKeeper Instant Privilege Access. This flaw enables an attacker to hijack a privileged thread of execution, effectively taking control of the thread\u2019s security context. As a result, the attacker can perform higher\u2011privilege actions, such as accessing sensitive data or executing privileged code, without the need for direct credential compromise. The weakness aligns with CWE\u2011520, which denotes improper configuration of security features.", "risk_and_exploitability": "The CVSS score of 7.4 indicates a high severity level, while no EPSS value is provided and the vulnerability is not listed in the CISA KEV catalog, suggesting limited documented exploitation. The attack appears to rely on the ability to influence the application\u2019s impersonation mechanism, implying an internal or compromised environment as the primary vector. Nonetheless, the impact on confidentiality, integrity, and availability could be substantial if an attacker succeeds in hijacking the thread, making this a significant risk for affected deployments."}}}}, "created": "2026-04-14T16:15:34.918471+00:00", "title": "Thread Hijack via .NET Impersonation Misconfiguration", "updated": "2026-04-14T16:30:31.966336+00:00", "vendors": ["upkeeper_solutions", "upkeeper_solutions$PRODUCT$upkeeper_instant_privlege_access"]}