PowerManage 4.20.14 Security Release
This release addresses critical security vulnerabilities. All four vulnerabilities are local privilege escalation or remote exploitation flaws.
We strongly recommend scheduling upgrades to the patched version as soon as possible. Unpatched systems should be treated as at-risk.
Patched vulnerabilities
- [LPE] Copy Fail CVE-2026-31431
- [LPE] Dirty Frag CVE-2026-43284
- [LPE] Fragnesia CVE-2026-46300
- [SSH] ssh-keysign-pwn CVE-2026-46333
Upgrade guidance
Schedule maintenance windows at the earliest opportunity. Three of these flaws allow local privilege escalation — any unprivileged process or user on an affected host may gain root. Treat upgrade scheduling as high priority.
Officially allowed upgrade paths
If you are running a version not listed below, upgrade to the nearest supported base version first.
- PowerManage 4.18.23 -> 4.20.14
- PowerManage 4.20.13.1 -> 4.20.14
Both incremental upgrade and backup/restore procedures have been tested and verified for these paths.
Clean installation of PowerManage 4.20.14 is also supported.
Date of Release: 4 Jun 2026