External risk intelligence

Altium Path Traversal Leading to Remote Code Execution.

CVE advisorySeverity: CRITICAL (CVSS 9.4)

CVE-2026-14439

The vulnerability affects a Git Service component within an enterprise server platform. While these services are often reachable over a network, they typically exist behind corporate or organizational boundaries rather than being directly exposed as public-facing internet services. Access is generally restricted to authenticated users within the development environment.

Path Traversal

Halo Surface Signal: 3 out of 5 — possibly public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

This advisory details a path traversal vulnerability in the Git Service component of Altium Enterprise Server and Altium 365. The flaw allows authenticated users to move files outside of their intended repositories, which can lead to remote code execution and, in multi-tenant environments, potential access to other tenants' data. This issue has been remediated in Altium 365 and fixed in a specific version of Altium Enterprise Server.

  • An authenticated user can move files inappropriately.
  • Could enable remote code execution and data access.
  • Confirm relevance and exposure for affected systems.

Attack Path

How an attacker could exploit the issue

An attacker, already authenticated with basic Git access, can leverage a path traversal vulnerability in the Git Service component. This allows them to manipulate files outside the repository, potentially injecting malicious scripts that the service later executes. This could lead to remote code execution and, in multi-tenant environments, unauthorized access to other tenants' data.

  • Authenticated user with Git access required.
  • Move files to sensitive directories.
  • Remote code execution and data access.

Live Threat

Current exploitation, exposure, and threat context

An authenticated user with basic Git access could exploit a path traversal vulnerability to move files outside the repository. This could allow them to place malicious scripts in executable locations, potentially leading to remote code execution under the Git Service account. On multi-tenant systems, this could also expose data belonging to other tenants.

  • Arbitrary file movement by authenticated users.
  • Malicious script placement for execution.
  • Remote code execution or cross-tenant data access.

Operational Fix

Recommended remediation, mitigation, and detection steps

The Git Service component in Altium Enterprise Server and Altium 365 is affected by a path traversal vulnerability. Technical leaders should coordinate with application owners and infrastructure teams to identify all instances of the affected technology, assess their reachability and criticality, and determine the accountable owners for remediation planning.

  • Identify affected Altium installations.
  • Verify exploitability and business criticality.
  • Plan remediation based on risk assessment.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is the Git Service in Altium Enterprise Server?

The Git Service is a foundational component within Altium Enterprise Server and Altium 365 that manages version control and data storage for design projects. It enables teams to collaborate by tracking changes to files throughout the development lifecycle. This specific service handles the processing and organization of repository data, ensuring that files remain structured and accessible to authorized engineers and technical staff working within the platform's ecosystem.

How does CVE-2026-14439 work as a path traversal vulnerability?

This vulnerability, classified as CWE-22 and CWE-94, occurs when the software fails to properly sanitize user-supplied file paths during post-clone operations. Because the system does not validate where files are being moved, a user can escape the boundaries of their repository. By placing files in unauthorized locations where the system expects scripts, an attacker can trick the service into executing malicious code, granting them unauthorized control under the service's account permissions.

Do I need to worry if I do not have Git access?

No. The vulnerability cannot be triggered by an unauthenticated user or an anonymous visitor. A successful attack requires the user to already possess valid, basic Git access credentials for the environment. Without this initial level of authenticated access to the Git Service, the path traversal commands required to manipulate files and place scripts in sensitive directories will not execute.

Is my instance at risk if it is internal-only?

According to Halo Surface Signal, this vulnerability affects the Git Service component which is often hosted behind corporate or organizational boundaries. While it is not typically directly exposed to the public internet, it remains a risk if an authenticated insider or compromised user account gains access. Even in internal-only configurations, the potential for cross-tenant data access or remote code execution makes this a significant concern for administrative teams.

How should I respond if I manage Altium installations?

Your first step is to identify all running instances of Altium Enterprise Server and verify their current version. If you are using Altium Enterprise Server, ensure you have updated to version 8.1.1 or later, as this contains the necessary fix. For Altium 365 users, the service-level remediation is already applied by the vendor. Coordinate with your infrastructure team to verify that these updates are successfully deployed across your environment.

References