Fleet is open source device management software. Prior to 4.81.1, the Orbit agent's FileVault disk encryption key rotation flow on collects a local user's passw…

Fleet open source device management software contains a privilege escalation vulnerability in the Orbit agent's FileVault disk encryption key rotation flow. The vulnerability occurs when collecting local user passwords via GUI dialog and interpolating them into Tcl/expect scripts. Passwords containing closing braces can terminate the literal and inject arbitrary Tcl commands. Since Orbit runs as root, this allows local unprivileged users to escalate to root privileges. The issue affects versions prior to 4.81.1 and has been fixed in version 4.81.1.