HarborGuard Database

CVE-2026-11429 | Severity: CRITICAL | CNA: Altium

CVE-2026-11429: Path Traversal in Altium Git Service Allows Remote Code Execution

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to place attacker-controlled script content into directories where it is later executed by the service, resulting in remote code execution under the Git Service account. On multi-tenant Altium 365 deployments, this could have allowed access to data belonging to other tenants on the same infrastructure node. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.
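The root cause described above is a file-move primitive that trusts user-supplied paths. The following is an added illustration (not Altium's code; the repository layout, operation names and sample file are constructed) of the containment check that a post-clone move operation needs: join the user path to the repository root, resolve it, and refuse anything whose real location is not under that root. Resolving before the comparison also covers absolute paths and symlinks that point outside the repository, two ways a naive string prefix check is bypassed.

```python
"""Constructed example: confining post-clone file operations to a repository root."""
import shutil
import tempfile
from pathlib import Path


class PathTraversalError(ValueError):
    """Raised when a user-supplied path would resolve outside the repository root."""


def resolve_inside(repo_root: Path, user_path: str) -> Path:
    """Return the absolute path for user_path, or raise if it escapes repo_root.

    Joining then resolving normalises '..' segments, redundant separators and
    symlinks, so the containment check runs on the real target, not the string.
    """
    root = repo_root.resolve()
    # pathlib discards the left operand when the right side is absolute, so an
    # absolute user_path would otherwise escape silently; resolve() exposes that.
    candidate = (root / user_path).resolve()
    if candidate != root and root not in candidate.parents:
        raise PathTraversalError(f"{user_path!r} resolves to {candidate}, outside {root}")
    return candidate


def safe_move(repo_root: Path, src: str, dst: str) -> Path:
    """Move src to dst only when both resolve inside repo_root (hypothetical service op)."""
    src_abs = resolve_inside(repo_root, src)
    dst_abs = resolve_inside(repo_root, dst)
    dst_abs.parent.mkdir(parents=True, exist_ok=True)
    shutil.move(str(src_abs), str(dst_abs))
    return dst_abs


def demo() -> dict:
    """Exercise the check in a throwaway directory and report each outcome."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        repo = base / "repos" / "board-design.git"          # constructed repo root
        (repo / "incoming").mkdir(parents=True)
        (repo / "incoming" / "notes.txt").write_text("constructed sample content\n")
        outside = base / "outside"                           # directory the service must never write to
        outside.mkdir()

        # 1. A legitimate move that stays inside the repository succeeds.
        moved = safe_move(repo, "incoming/notes.txt", "docs/notes.txt")
        results["inside_move_ok"] = moved == (repo / "docs" / "notes.txt").resolve() and moved.exists()

        # 2. '..' segments that climb out of the repository are rejected.
        try:
            safe_move(repo, "docs/notes.txt", "../../outside/notes.txt")
            results["dotdot_rejected"] = False
        except PathTraversalError:
            results["dotdot_rejected"] = True

        # 3. An absolute destination is rejected even though Path joining would accept it.
        try:
            safe_move(repo, "docs/notes.txt", str(outside / "notes.txt"))
            results["absolute_rejected"] = False
        except PathTraversalError:
            results["absolute_rejected"] = True

        # 4. A symlink inside the repository that points outside is followed by
        #    resolve() and therefore rejected as well.
        (repo / "escape").symlink_to(outside, target_is_directory=True)
        try:
            safe_move(repo, "docs/notes.txt", "escape/notes.txt")
            results["symlink_rejected"] = False
        except PathTraversalError:
            results["symlink_rejected"] = True

        # Nothing reached the outside directory and the file is still in place.
        results["outside_untouched"] = not any(outside.iterdir())
        results["file_still_inside"] = (repo / "docs" / "notes.txt").exists()
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'ok' if ok else 'FAIL'}")
```

The same `resolve_inside` check should guard every path argument of every post-clone operation (copy, rename, delete), not only the move shown here; the vulnerability class is that one operation was left without it.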

Metrics

CVSS v4.0: 9.4
Severity: CRITICAL
Fixed in: 8.1.1
Affected Products: 2


HarborGuard Analysis

Synopsis

A path traversal vulnerability exists in the Git Service component of Altium Enterprise Server and Altium 365. An authenticated attacker with basic git access can send crafted post-clone file-manipulation requests that move attacker-controlled content outside the repository boundary and into directories where the service later executes it, resulting in remote code execution under the Git Service account. A patched-image rebuild at Altium Enterprise Server version 8.1.1 is available on HarborGuard for affected environments; Altium 365 has been remediated at the service level by the vendor.

HarborGuard Coverage

Detection: Available

Detection of CVE-2026-11429 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images in connected registries and CI/CD pipelines, including custom-built images that bundle the Altium Enterprise Server Git Service component.

Triage: Available

HarborGuard is capable of scoring this finding at CVSS 9.4 (Critical) and weighting it against each customer environment's compliance policy, then routing the alert to the appropriate team inbox based on the org's configured ownership rules.

Patch: Available

For environments running an affected version of Altium Enterprise Server, a patched-image rebuild at version 8.1.1 is available on HarborGuard the moment the upstream package is published. For customers who opt into auto-remediation, HarborGuard can perform the rebuild, run a regression test suite, and open a pull request against affected workloads automatically.

Exploit Conditions

  • Network reachability: Required

    The Git Service is exposed over the network, so an attacker must be able to reach the service endpoint to send the malicious post-clone requests.

  • Authentication: Required

    A low-privilege account with basic git access is sufficient; no administrative credentials are needed.

  • Victim interaction: Not required

    The attacker sends crafted requests directly to the service with no action required from another user.

  • Attack complexity: Low (CVSS AC:L)

    Exploitation is reliable and condition-free; no race conditions or special environmental factors are required to trigger the path traversal and achieve code execution.

Blast Radius

  • The attacker gains remote code execution under the Git Service account, enabling arbitrary command execution on the host.
  • Confidential repository contents, credentials, and other data accessible to the Git Service account are exposed to the attacker.
  • The attacker can write, modify, or delete files reachable by the service account, corrupting repository data or planting persistent backdoors.
  • On multi-tenant Altium 365 infrastructure nodes, a successful exploit enables access to data belonging to other tenants sharing the same node.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-11429 is active across the platform and will flag any image found to contain a vulnerable version of the Altium Enterprise Server Git Service component. A patched-image rebuild at version 8.1.1 is available for environments running an affected release of Altium Enterprise Server. For customers who opt into auto-remediation, HarborGuard can rebuild the image, execute regression tests, and open a pull request against affected workloads; median time from CVE publication to merged patch PR for critical-severity issues is around 90 minutes for environments with auto-remediation enabled. For Altium 365 deployments, the vendor has applied a service-level remediation, but customers running self-managed infrastructure derived from affected versions should treat the 8.1.1 upgrade as urgent given the critical score, the cross-tenant data exposure risk, and the low barrier to exploitation.


Fix available: 8.1.1

Affected packages
  • Altium / Altium Enterprise Server: < 8.1.1 (from 0)
  • Altium / Altium 365: unspecified

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H