Critical Splunk Vulnerability Allows Unauthenticated RCE

Splunk patches critical pre-authentication RCE flaw in Enterprise versions below 10.2.4 and 10.0.7

  • Splunk has patched a critical vulnerability, CVE-2026-20253, rated 9.8 on the CVSS scale, allowing unauthenticated file operations and potential remote code execution.
  • The flaw exists in Splunk Enterprise versions below 10.2.4 and 10.0.7 due to an unprotected PostgreSQL sidecar service endpoint.
  • Security researchers at watchTowr Labs detailed how the flaw could be weaponized for pre-authenticated RCE, though no active exploitation has been reported.

On June 13, 2026, security firm Splunk, now part of Cisco, urgently addressed a severe flaw in its enterprise software. The vulnerability could let remote attackers run arbitrary code on unpatched systems without requiring any login credentials.
Consequently, the company released security updates for Splunk Enterprise versions 10.0.7 and 10.2.4. In an alert this week, Splunk said the issue stems from a PostgreSQL sidecar service endpoint that lacks authentication controls.
Meanwhile, researchers Piotr Bazydlo and Yordan Ganchev from watchTowr Labs released technical details showing how the flaw enables pre-authenticated remote code execution. They explained that an attacker could connect to a malicious database and use the /backup and /restore endpoints to write files.
This arbitrary file write could then be escalated to full remote code execution by overwriting a Python script that Splunk frequently executes. The entire attack chain involves creating a database, dropping a malicious dump, and triggering its execution during restoration.
Therefore, users of affected versions must apply the patches immediately to secure their systems. Splunk Cloud platforms are not impacted, as they do not use the vulnerable PostgreSQL sidecars.
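
For teams working through a fleet, the fixed releases named above can be turned into a quick triage pass over an inventory. The following is an added example, not code from Splunk or watchTowr Labs; the host names, build ids and the handling of release branches the article does not mention are assumptions, labelled in the comments.

```python
import re

# Fixed releases named in the article, keyed by (major, minor) release branch.
FIXED = {(10, 0): (10, 0, 7), (10, 2): (10, 2, 4)}

def parse_version(text):
    """Extract (major, minor, patch) from text such as 'Splunk 10.0.6 (build ...)'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if m is None:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in m.groups())

def triage(version_text, platform="enterprise"):
    """Classify one instance as not-affected, vulnerable, patched or review."""
    if platform == "cloud":
        return "not-affected"          # article: Splunk Cloud is not impacted
    version = parse_version(version_text)
    fixed = FIXED.get(version[:2])
    if fixed is not None:              # branch with a fixed release named in the article
        return "patched" if version >= fixed else "vulnerable"
    if version < min(FIXED.values()):
        return "vulnerable"            # assumption: "below 10.0.7" includes older branches
    if version > max(FIXED.values()):
        return "patched"               # assumption: later branches carry the fix
    return "review"                    # e.g. 10.1.x: the article does not say

def triage_inventory(rows):
    """rows: iterable of (host, platform, version_text). Returns {status: [hosts]}."""
    report = {}
    for host, platform, version_text in rows:
        try:
            status = triage(version_text, platform)
        except ValueError:
            status = "review"          # unparseable version string: check by hand
        report.setdefault(status, []).append(host)
    return report

# Constructed inventory (hypothetical hosts and build ids), not data from the article.
SAMPLE = [
    ("idx01", "enterprise", "Splunk 10.2.3 (build 000000000000)"),
    ("idx02", "enterprise", "Splunk 10.2.4 (build 000000000000)"),
    ("sh01", "enterprise", "Splunk 10.0.6 (build 000000000000)"),
    ("hf01", "enterprise", "10.1.2"),
    ("stack-a", "cloud", "10.0.1"),
    ("old01", "enterprise", "unknown"),
]

if __name__ == "__main__":
    for status, hosts in sorted(triage_inventory(SAMPLE).items()):
        print(f"{status:13} {', '.join(hosts)}")
```

Hosts that land in "review" are on a branch the article does not cover or reported a version string that could not be parsed, so they need a manual check against the vendor advisory.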
