CVE-2026-47868

VMware · Avi Load Balancer

VMware Avi Load Balancer is affected by a local privilege escalation vulnerability due to improper privilege management.

Executive summary

A local privilege escalation vulnerability in VMware Avi Load Balancer could allow an authenticated attacker with low privileges to gain unauthorized elevated system access.

Vulnerability

This is a local privilege escalation flaw categorized under CWE-269 (Improper Privilege Management). The vulnerability requires the attacker to be authenticated with low-level privileges to successfully execute the attack.

Business impact

Successful exploitation of this vulnerability permits an authenticated, lower-privileged user to escalate their permissions, potentially gaining full administrative control over the affected load balancer instance. With a CVSS score of 7.8, the vulnerability poses a high risk to organizational security, as it could lead to total system compromise, unauthorized data access, and a significant breach of internal network segmentation.

Remediation

Immediate Action: Upgrade the VMware Avi Load Balancer software to the latest patched version provided by Broadcom support.

Proactive Monitoring: Review system access logs for unusual command execution patterns or unauthorized attempts to modify user group memberships.

Compensating Controls: Strictly enforce the principle of least privilege by auditing existing user accounts and restricting access to only those individuals who require it for operational duties.

Exploitation status

Public Exploit Available: No

Analyst recommendation

Organizations should prioritize patching this vulnerability to prevent malicious actors from leveraging compromised low-privilege accounts to gain elevated access. Patching should be performed in accordance with standard change management procedures to ensure ongoing system stability.