CVE-2024-26292 – Avid NEXIS E-series, F-series, PRO+, SDA+: Authenticated Arbitrary File Deletion Vulnerability

CVE ID : CVE-2024-26292

Published : July 14, 2025, 9:15 a.m. | 1 hour, 14 minutes ago

Description : The Application is vulnerable to an authenticated Arbitrary File Deletion. This affects the
Agent installed on Linux and Windows alike. As the application runs with highest privileges (root/NT_AUTHORITY SYSTEM) by default attackers may use the vulnerability to delete critical files.

This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance (SDA+): before 2025.5.1.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…