Security Advisory

CVE-2026-30332

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-02 00:00:00

Last updated 2026-04-02 17:26:30

Assigner mitre

State PUBLISHED

Description

A Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability in Balena Etcher for Windows prior to v2.1.4 allows attackers to escalate privileges and execute arbitrary code via replacing a legitimate script with a crafted payload during the flashing process.

← Browse all CVEs View on cve.org ↗