This critical privilege escalation vulnerability in the LiteSpeed cPanel Plugin is actively exploited in the wild and requires immediate remediation.

This is an incorrect privilege assignment flaw (CWE-266) in the lsws.redisAble function. It allows any authenticated cPanel user to execute arbitrary scripts as root, which is particularly dangerous in shared hosting environments.

With a CVSS score of 9.5, this is a critical-severity vulnerability. Successful exploitation grants an attacker full root access to the server, leading to total system compromise, data theft, and the deployment of malware such as Mirai botnets or ransomware.

Immediate Action: Update to LiteSpeed cPanel plugin version 2.4.5 (or 2.4.7 with WHM plugin 5.3.1.0 or higher) immediately.

Proactive Monitoring: Audit server logs for unauthorized script execution or unusual root-level activity associated with the lsws.redisAble function.

Compensating Controls: If patching is delayed, disable the LiteSpeed cPanel plugin or restrict access to the cPanel interface to prevent exploitation by malicious users.

Public Exploit Available: false

This vulnerability is listed in the CISA KEV catalog and is being actively exploited. It is imperative that all affected systems are updated to the recommended versions immediately to prevent full system compromise.