O+ Connect Vulnerability: Local Privilege Escalation (CVE-2026-22069) Exposes Systems

A critical local privilege escalation vulnerability, tracked as CVE-2026-22069, has been identified in O+ Connect. According to the National Vulnerability Database, the flaw stems from the software’s failure to properly validate the identity of callers interacting with its pipe interface. This oversight allows an attacker with local access to elevate their privileges to a higher level, posing a significant risk to system integrity.

The National Vulnerability Database has assigned CVE-2026-22069 a CVSS score of 7.3, categorizing it as HIGH severity. The vector string, CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H, indicates that an attacker with low privileges (PR:L) and local access (AV:L) can exploit this with user interaction (UI:R) to achieve high impact on availability (A:H) and low impact on confidentiality (C:L) and integrity (I:L), leading to a complete system compromise in terms of control. The vulnerability is also mapped to CWE-266, improper authentication.

For defenders, this is a clear signal that O+ Connect installations represent a high-value target for post-exploitation lateral movement. An attacker who gains an initial foothold on a system can leverage this vulnerability to escalate privileges, potentially leading to full administrative control. This isn’t theoretical; it’s a direct path to deeper compromise. Organizations must prioritize patching and harden their systems against local threats.