ГлавнаяУязвимости → CVE-2026-25085
8.6высокая

CVE-2026-25085

Описание

A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which an unexpected return value from the authentication routine is later on processed as a legitimate value, resulting in an authentication bypass.

Затрагиваемое ПО
Copeland Xweb 500b pro firmwareCopeland Xweb 500b proCopeland Xweb 300d pro firmwareCopeland Xweb 300d proCopeland Xweb 500d pro firmwareCopeland Xweb 500d pro
CVSS
Балл8.6 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Источники
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-057-10.jsonhttps://webapps.copeland.com/Dixell/Pages/SystemSoftwareUpdatehttps://www.cisa.gov/news-events/ics-advisories/icsa-26-057-10