SCA: security update for github.com/fleetdm/fleet/v4 (GHSA-2rc4-7jc6-qffh)

High | Tenable Self-Hosted Container Security | Plugin ID 441835

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- Fleet is open source device management software. Prior to version 4.81.0, a vulnerability in Fleet's Windows MDM management endpoint could allow requests to be processed without proper client certificate validation. In certain circumstances, this could allow an attacker to impersonate an enrolled Windows device and retrieve sensitive configuration data. Fleet's Windows MDM management endpoint relies on mutual TLS (mTLS) client certificates to authenticate enrolled devices. In affected versions, requests that did not present a client certificate could be incorrectly treated as trusted. As a result, an attacker with prior knowledge of a valid enrolled device identifier could potentially impersonate that device and receive configuration payloads intended for it. These payloads may contain sensitive information such as Wi-Fi or VPN configuration data, certificates, or other secrets delivered through MDM profiles. This issue does not allow enrollment of new devices, administrative access to Fleet, or compromise of the Fleet control plane. Impact is limited to the targeted Windows device. Version 4.81.0 contains a patch. If an immediate upgrade is not possible, affected Fleet users should temporarily disable Windows MDM. (CVE-2026-23998)
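The weakness class above (CWE-295, improper certificate validation) comes down to where a handler takes the device identity from. The following Go example is added here for illustration and is not Fleet's code: it shows a handler that falls back to a caller-supplied identifier when no client certificate is present, next to a hardened form that derives the device identity only from a certificate the TLS layer has already verified. The `X-Device-ID` header, the `/mdm/manage` path and the `DEVICE-0001` identifier are constructed assumptions, not values from Fleet or the advisory.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"net/http"
)

// ErrNoClientCert is returned when the request carries no verified client certificate.
var ErrNoClientCert = errors.New("no verified client certificate presented")

// deviceIDFromRequestVulnerable mirrors the weakness class in the advisory: it trusts
// an identifier supplied by the caller (a hypothetical X-Device-ID header; the real
// endpoint's field is not named on the page) when no client certificate is present.
func deviceIDFromRequestVulnerable(r *http.Request) (string, error) {
	if r.TLS != nil && len(r.TLS.PeerCertificates) > 0 {
		return r.TLS.PeerCertificates[0].Subject.CommonName, nil
	}
	// BUG: an unauthenticated request with a known identifier is treated as that device.
	if id := r.Header.Get("X-Device-ID"); id != "" {
		return id, nil
	}
	return "", ErrNoClientCert
}

// deviceIDFromRequest is the hardened form: identity comes only from a client
// certificate that the TLS layer verified against the MDM CA (VerifiedChains set).
func deviceIDFromRequest(r *http.Request) (string, error) {
	if r.TLS == nil || len(r.TLS.PeerCertificates) == 0 {
		return "", ErrNoClientCert
	}
	if len(r.TLS.VerifiedChains) == 0 {
		return "", errors.New("client certificate was not verified against the MDM CA")
	}
	cn := r.TLS.PeerCertificates[0].Subject.CommonName
	if cn == "" {
		return "", errors.New("client certificate has no CommonName to identify the device")
	}
	return cn, nil
}

// newMDMServer binds the hardened handler to a TLS config that makes the handshake
// itself fail when a client certificate is missing or not signed by the MDM CA,
// so the handler-level check is a second layer rather than the only one.
func newMDMServer(addr string, mdmCA *x509.CertPool) *http.Server {
	mux := http.NewServeMux()
	mux.HandleFunc("/mdm/manage", func(w http.ResponseWriter, r *http.Request) {
		id, err := deviceIDFromRequest(r)
		if err != nil {
			http.Error(w, "client certificate required", http.StatusUnauthorized)
			return
		}
		fmt.Fprintf(w, "configuration for device %s\n", id)
	})
	return &http.Server{
		Addr:    addr,
		Handler: mux,
		TLSConfig: &tls.Config{
			ClientAuth: tls.RequireAndVerifyClientCert,
			ClientCAs:  mdmCA,
			MinVersion: tls.VersionTLS12,
		},
	}
}

// requestWithCert builds a request carrying a constructed, already-verified client
// certificate so both checks can be exercised without a live TLS handshake.
func requestWithCert(commonName string) *http.Request {
	r, _ := http.NewRequest(http.MethodPost, "https://mdm.example.invalid/mdm/manage", nil)
	cert := &x509.Certificate{Subject: pkix.Name{CommonName: commonName}}
	r.TLS = &tls.ConnectionState{
		PeerCertificates: []*x509.Certificate{cert},
		VerifiedChains:   [][]*x509.Certificate{{cert}},
	}
	return r
}

// requestWithoutCert builds a plain request that only claims an identifier (constructed).
func requestWithoutCert(claimedID string) *http.Request {
	r, _ := http.NewRequest(http.MethodPost, "https://mdm.example.invalid/mdm/manage", nil)
	r.Header.Set("X-Device-ID", claimedID)
	return r
}

func main() {
	claimed := requestWithoutCert("DEVICE-0001")
	id, err := deviceIDFromRequestVulnerable(claimed)
	fmt.Println("vulnerable:", id, err) // accepts the claimed identifier
	id, err = deviceIDFromRequest(claimed)
	fmt.Println("hardened:", id, err) // rejects it
	id, err = deviceIDFromRequest(requestWithCert("DEVICE-0001"))
	fmt.Println("hardened with cert:", id, err) // identifies the device from its cert
	_ = newMDMServer(":8443", x509.NewCertPool())
}
```

The two layers matter in both directions: `RequireAndVerifyClientCert` on the listener stops a bare request before it reaches application code, and the handler check catches deployments where a TLS-terminating proxy or a different listener configuration quietly relaxes that requirement.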

Solution

Update the github.com/fleetdm/fleet/v4 library and its related packages to version 4.81.0 or later.

See Also

https://github.com/advisories/GHSA-2rc4-7jc6-qffh

Plugin Details

Severity: High

ID: 441835

Version: Revision 1.5

Type: Local

Family: SCA Checks

Published: 5/14/2026

Updated: 6/22/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.71

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2026-23998

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS v4

Risk Factor: High

Base Score: 8.2

Threat Score: 4.6

Threat Vector: CVSS:4.0/E:U

Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 5/14/2026

Vulnerability Publication Date: 5/14/2026

Reference Information

CVE: CVE-2026-23998

CWE: CWE-295