CVE-2026-9862
Fortra · Core Privileged Access Manager (BoKS)
Fortra's Core Privileged Access Manager contains an OS command injection vulnerability in the boks_autoregisterd service that allows remote code execution.
Executive summary
A critical OS command injection vulnerability in Fortra's Core Privileged Access Manager (BoKS) allows unauthenticated remote attackers to execute arbitrary code with service-level privileges.
Vulnerability
This is an OS command injection vulnerability residing within the boks_autoregisterd service. A remote attacker with network access to this service can trigger command execution with the privileges of the service during the autoregistration process.
Business impact
With a CVSS score of 9.8, this vulnerability poses a severe risk to organizational security. Successful exploitation grants an attacker full control over the affected service, potentially leading to total system compromise, unauthorized access to sensitive credentials, and lateral movement within the privileged network environment.
Remediation
Immediate Action: Upgrade to the latest version of the BoKS server as specified in the official Fortra security advisory.
Proactive Monitoring: Review system and application logs for anomalous process execution patterns originating from the boks_autoregisterd service.
Compensating Controls: Restrict network access to the boks_autoregisterd service via firewall rules to only allow communication from trusted, known-good source IP addresses.
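One way to carry out the proactive monitoring step is shown below. It is an added example, not Fortra's code or a BoKS log format: it walks process-creation events and flags anything whose parent chain contains boks_autoregisterd. The JSON-lines schema, the sample events, the placeholder service path and the empty allowlist are all assumptions made for illustration.

```python
import json
import os

SERVICE = "boks_autoregisterd"
# Assumption: the service spawns no children in normal operation; baseline and
# add legitimate executables here before alerting on this in production.
ALLOWED_CHILD_EXES = frozenset()

# Constructed events in a hypothetical JSON-lines schema (not a BoKS log format).
# The service path is a placeholder, not the product's real install path.
SAMPLE_EVENTS = """\
{"ts":"2026-01-10T09:00:00Z","pid":900,"ppid":1,"exe":"/PLACEHOLDER/boks_autoregisterd"}
{"ts":"2026-01-10T09:01:00Z","pid":1200,"ppid":1,"exe":"/usr/sbin/sshd"}
{"ts":"2026-01-10T09:01:05Z","pid":1201,"ppid":1200,"exe":"/bin/bash"}
{"ts":"2026-01-10T09:02:00Z","pid":1300,"ppid":900,"exe":"/bin/sh"}
{"ts":"2026-01-10T09:02:01Z","pid":1301,"ppid":1300,"exe":"/usr/bin/id"}
{"ts":"2026-01-10T09:03:00Z","pid":1400,"ppid":1201,"exe":"/usr/bin/ls"}
"""


def ancestry(procs, pid):
    """Return events from pid up to the oldest known ancestor (loop-safe)."""
    chain, seen = [], set()
    while pid in procs and pid not in seen:
        seen.add(pid)
        chain.append(procs[pid])
        pid = procs[pid]["ppid"]
    return chain


def find_service_descendants(lines, service=SERVICE, allowed=ALLOWED_CHILD_EXES):
    """Flag every process whose parent chain contains the service binary."""
    procs, alerts = {}, []
    for line in lines:
        if not line.strip():
            continue
        ev = json.loads(line)
        procs[ev["pid"]] = ev
        parents = ancestry(procs, ev["pid"])[1:]  # exclude the process itself
        names = [os.path.basename(p["exe"]) for p in parents]
        if service in names and ev["exe"] not in allowed:
            # Keep the chain from the service down to the flagged process.
            path = names[:names.index(service) + 1][::-1] + [os.path.basename(ev["exe"])]
            alerts.append({"ts": ev["ts"], "pid": ev["pid"], "chain": " > ".join(path)})
    return alerts


if __name__ == "__main__":
    for alert in find_service_descendants(SAMPLE_EVENTS.splitlines()):
        print(alert)
```

Matching on ancestry rather than the direct parent keeps grandchildren visible when the first child is a shell, and allowlisting an executable suppresses only that process, not what it goes on to spawn.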
Exploitation status
Public Exploit Available: False
Analyst recommendation
Given the critical nature of this vulnerability and its potential for full system compromise, immediate patching is required. Organizations utilizing the BoKS server must prioritize this update to prevent unauthorized remote command execution.