← voltar
CVE-2026-1632

RISS SRL MOMA Seismic Station Missing Authentication for Critical Function

CVSS 9.3 CRITICALEPSS 0.5%CWE-306
MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Produtos afetados
RISS SRL · MOMA Seismic Station

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-03.jsonhttps://www.cisa.gov/news-events/ics-advisories/icsa-26-034-03