Critical severityNVD Advisory· Published Apr 15, 2026· Updated Apr 17, 2026
CVE-2026-5387
CVE-2026-5387
Description
The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operations intended only for Simulator Instructor or Simulator Developer (Administrator) roles, resulting in privilege escalation with potential for modification of simulation parameters, training configuration, and training records.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
4- github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-04.jsonnvd
- softwaresupportsp.aveva.com/en-US/downloads/products/details/57b79fdb-7b5f-4125-8a44-833b6b5c6d6fnvd
- www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-004.pdfnvd
- www.cisa.gov/news-events/ics-advisories/icsa-26-106-04nvd
News mentions
0No linked articles in our index yet.