PatchSiren cyber security CVE debrief

CVE-2026-11420 Altium CVE debrief

CVE-2026-11420 is a critical vulnerability in the Network Installation Service (NIS) of Altium Enterprise Server. Two path traversal vulnerabilities allow unauthenticated network attackers to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session, or credentials are required for exploitation. The arbitrary file write can be escalated to remote code execution in the context of the service account, and the file read discloses deployment package contents. Altium 365 cloud deployments are not affected, as NIS is not part of the cloud offering.

Vendor: Altium
Product: Altium Enterprise Server
CVSS: CRITICAL 10
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-05
Original CVE updated: 2026-06-05
Advisory published: 2026-06-05
Advisory updated: 2026-06-05

Who should care

Administrators and users of Altium Enterprise Server, especially those running on-premises installations, should be aware of this critical vulnerability. The ability to write arbitrary files and read package archives without authentication makes this a high-risk issue that requires immediate attention.

Technical summary

The CVSS score for CVE-2026-11420 is 10 (Critical). The vulnerability is caused by two path traversal issues in the Network Installation Service of Altium Enterprise Server. An unauthenticated attacker can exploit them to write files to any writable location on the server and to read package archive files, which can lead to remote code execution and disclosure of deployment package contents. The CVSS vector is CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.

Defensive priority

High

Recommended defensive actions

  • Apply patches or updates provided by Altium to fix the path traversal vulnerabilities in the Network Installation Service.
  • Review and restrict access to the Network Installation Service to prevent unauthorized access.
  • Monitor server logs for suspicious activity related to file writes and reads.
  • Consider disabling the Network Installation Service if not required.
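As an added illustration (not PatchSiren's or Altium's code, and not based on any knowledge of how NIS itself handles paths), the block below shows the two defensive sides of the path traversal problem described above: a containment check of the kind a file-serving handler must run before it reads or writes anything under a package root, and a log scan that flags request paths carrying traversal sequences, including percent-encoded, double-encoded and backslash variants. The package root, the access-log layout and the sample log lines are assumptions constructed for the example.

```python
import posixpath
import re
from typing import Dict, List, Optional
from urllib.parse import unquote

# Hypothetical package store location; the real NIS directory layout is not
# given in the advisory, so this is an assumption for the example.
PACKAGE_ROOT = "/srv/nis/packages"

# Characters that separate path segments or query components in a request line.
SEGMENT_SPLIT_RE = re.compile(r"[/?&=]")

# Assumed access-log layout: timestamp, client address, method, path, status.
LOG_LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3})$"
)


def decode_path(raw: str) -> str:
    """Percent-decode up to three times so that %2e%2e and double-encoded
    %252e%252e both collapse to '..', then treat backslashes as separators
    (Windows file APIs accept either)."""
    decoded = raw
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")


def resolve_inside(root: str, user_path: str) -> Optional[str]:
    """Containment check a file-serving handler should run before any read or
    write: returns the normalized absolute path if it stays under root,
    otherwise None. Absolute user paths are treated as relative to root."""
    rel = decode_path(user_path).lstrip("/")
    root_norm = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root_norm, rel))
    if candidate == root_norm or candidate.startswith(root_norm + "/"):
        return candidate
    return None


def has_traversal_segment(raw_path: str) -> bool:
    """Detection-side check: True if any path or query segment, after
    decoding, is exactly '..'."""
    return ".." in SEGMENT_SPLIT_RE.split(decode_path(raw_path))


def scan_access_log(lines: List[str]) -> List[Dict[str, str]]:
    """Return one finding per request line whose path contains a '..' segment
    or would resolve outside PACKAGE_ROOT."""
    findings = []
    for line in lines:
        m = LOG_LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable line; a real pipeline would count these
        path = m.group("path")
        if has_traversal_segment(path) or resolve_inside(PACKAGE_ROOT, path) is None:
            findings.append({
                "ts": m.group("ts"),
                "src": m.group("src"),
                "method": m.group("method"),
                "path": path,
                "decoded": decode_path(path),
            })
    return findings


# Constructed sample log lines (not real NIS output): one benign download,
# then traversal attempts in plain, backslash and double-encoded forms.
SAMPLE_LOG = [
    "2026-06-05T10:00:01Z 10.0.0.5 GET /packages/board-lib-1.2.zip 200",
    "2026-06-05T10:00:07Z 203.0.113.9 GET /packages/..%2F..%2Fconfig%2Fsettings.xml 200",
    "2026-06-05T10:00:09Z 203.0.113.9 PUT /packages/..%5C..%5CTemp%5Cnote.txt 201",
    "2026-06-05T10:00:12Z 10.0.0.6 GET /packages/%252e%252e/%252e%252e/etc/passwd 404",
]

if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['src']} {f['method']} {f['path']} -> {f['decoded']}")
```

The containment check deliberately normalizes after joining to the root rather than rejecting on the literal string "..", because a segment like `sub/../a.zip` is harmless once resolved; the log scanner, by contrast, flags any decoded `..` segment, since on the detection side a traversal attempt is worth a look even when it happened to stay inside the root.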

Evidence notes

The CVE record was obtained from the official CVE.org website [cve-org]. Additional details were found on the NVD website [nvd]. A reference to the Altium security advisories page is also available [ref-4].

Official resources

The CVE record for CVE-2026-11420 was published on 2026-06-05T20:17:29.350Z and last modified on 2026-06-05T20:49:52.790Z.