CVE-2026-11429 Altium CVE debrief

Who should care

Security teams and administrators responsible for Altium Enterprise Server and Altium 365 deployments should prioritize patching this vulnerability to prevent potential exploitation.

Technical summary

The vulnerability allows unauthenticated remote code execution due to insecure file upload handling in Altium Enterprise Server and Altium 365. Specifically, two endpoints in the Vault Service ScriptsController accept file uploads with user-supplied filenames that are used to construct destination paths without validation. This enables an attacker to write arbitrary files to any location writable by the service account, leading to remote code execution under the Vault Service account.

Defensive priority

High

Recommended defensive actions

• Apply the patch: Upgrade Altium Enterprise Server to version 8.1.1 or later.
• For Altium 365 users, check with your service provider for confirmation that the issue has been remediated at the service level.
• Restrict access to the affected endpoints until patching can be performed.
• Monitor system logs for suspicious file upload and execution activity.

Evidence notes

The CVE record and details were obtained from the official CVE.org and NVD sources.

Official resources