CVE-2026-9085: Incorrect Permissions Allow DNS Spoofing in Pardus-Parental-Control
An Improper Access Control and Incorrect Permission Assignment vulnerability (CVE-2026-9085) in TUBITAK BILGEM's Pardus-Parental-Control software, affecting versions up to 0.5.1 and all versions before 0.7.0, allows a local attacker to perform DNS Spoofing.
A critical vulnerability, tracked as CVE-2026-9085, has been identified in the TUBITAK BILGEM Software Technologies Research Institute's Pardus-Parental-Control software. This flaw is rooted in incorrect permission assignment for critical resources and improper access control mechanisms. Specifically, versions up to and including 0.5.1, and all versions prior to 0.7.0, are susceptible. The vulnerability enables a local attacker to execute DNS Spoofing, potentially redirecting user traffic to malicious sites, facilitating phishing attacks, or intercepting sensitive data. The CVSS v3.1 base score for this vulnerability is 8.8 (High), highlighting its severe impact if exploited. Organizations utilizing affected versions of Pardus-Parental-Control are advised to apply the necessary updates immediately to mitigate this risk.
Impact
Successful exploitation of CVE-2026-9085 allows a local attacker to conduct DNS Spoofing. This can lead to various severe consequences for users, including redirection to malicious websites, interception of network traffic, credential harvesting through phishing campaigns, and man-in-the-middle attacks. While specific victim counts or industry targeting are not detailed in the available information, any user of the affected Pardus-Parental-Control software could be vulnerable. The primary risk is loss of confidentiality and integrity of network communications, potentially leading to unauthorized access to systems or data.
Recommendation
- Patch CVE-2026-9085 by upgrading Pardus-Parental-Control to version 0.7.0 or newer immediately. Refer to the vendor's advisory at
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0500. - Implement host-based intrusion detection systems (HIDS) to monitor for unauthorized modifications to critical system files or DNS configuration settings, which could indicate attempts to exploit
CWE-284orCWE-732. - Monitor local network traffic for unusual DNS queries or responses that could indicate
DNS Spoofingattempts originating from controlled systems.