CVE-2026-11423
CriticalCVSS 9.4Exploitation Probability (EPSS)
Low risk14th percentile — higher than 14% of all known CVEs
Summary
A path traversal vulnerability exists in the Altium Enterprise Server Collaboration Service due to improper handling of user-supplied filenames. An authenticated user can submit a collaboration message with a crafted filename, allowing arbitrary files to be read from the server filesystem.
Risk Assessment
Exploitation of this vulnerability can lead to reading sensitive files, including the server's master configuration, allowing access to privileged accounts and full control of the server.
Recommendation
It is recommended to implement validation of user-supplied filenames and monitor access to sensitive files on the server.
Original NVD description (English source)
A path traversal vulnerability exists in the Altium Enterprise Server Collaboration Service due to improper handling of user-supplied filenames in the MCAD and Simulation file download flows. A regular authenticated user can submit a collaboration message containing a crafted filename, which is later used to construct the download path on the server without validation, allowing arbitrary files to be read from the server filesystem. Because the readable files include the server's master configuration, which stores credentials for privileged accounts, exploitation can lead to authenticating as a system administrator and gaining full control of the server. Altium 365 cloud deployments are not affected.

