CVE-2026-3356

Missing Authentication for Critical Function vulnerability in Anritsu Remote Spectrum Monitor

CVSS 9.3 CRITICALEPSS 0.4%CWE-306

The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design rather than a deployment error.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Produtos afetados

Anritsu · Remote Spectrum Monitor MS27100A Anritsu · Remote Spectrum Monitor MS27101A Anritsu · Remote Spectrum Monitor MS27102A Anritsu · Remote Spectrum Monitor MS27103A

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.cisa.gov/news-events/ics-advisories/icsa-26-090-01