HIGH
AT&T Bell Labs
CVE published 2026-03-13
CVE-2025-71263
A buffer overflow vulnerability exists in the `su` command of UNIX Fourth Research Edition (v4), where the `password` variable is allocated a fixed 100-byte buffer. A local attacker can exploit this to achieve root privilege escalation. The vulnerability is confined to an unsupported, historical operating system version with negligible modern deployment.