CVE-2026-3356

Missing Authentication for Critical Function vulnerability in Anritsu Remote Spectrum Monitor

CVSS 9.3 CRITICALEPSS 0.4%CWE-306

The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design rather than a deployment error.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Productos afectados

Anritsu · Remote Spectrum Monitor MS27100A Anritsu · Remote Spectrum Monitor MS27101A Anritsu · Remote Spectrum Monitor MS27102A Anritsu · Remote Spectrum Monitor MS27103A

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.cisa.gov/news-events/ics-advisories/icsa-26-090-01