Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable management endpoint with low complexity but requires existing high-privilege account (PR:H); full CIA impact on the portal, no scope change.
Primary rating from Vendor (CERTVDE).
CVSS VectorVendor: CERTVDE
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters. This can result in a total loss of confidentiality, integrity and availability.
AnalysisAI
Privileged remote modification of critical program parameters in MB connect line mbCONNECT24 and mymbCONNECT24 allows authenticated high-privilege attackers to reach a hidden configuration method that should be inaccessible to any user, resulting in total compromise of confidentiality, integrity, and availability. No public exploit identified at time of analysis, and the issue was coordinated through CERT@VDE under advisory VDE-2026-068.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to already hold a high-privileged authenticated session on mbCONNECT24 or mymbCONNECT24 (PR:H) and to send a request to a hidden, undocumented configuration method that the product does not expose in its normal UI - knowledge of the endpoint path/parameters is therefore a practical prerequisite. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector AV:N/AC:L/AT:N/PR:H/UI:N with VC:H/VI:H/VA:H produces a base score of 8.6, reflecting full CIA impact reachable over the network without user interaction but gated by high privileges. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained or already holds a high-privilege account on mbCONNECT24 - for example via phishing of an OT administrator, credential reuse, or insider access - sends a crafted request directly to the undocumented configuration endpoint over the network. Because the platform does not gate this method even from authenticated users, the attacker rewrites critical program parameters, which can be leveraged to disrupt remote-access policies, redirect connections, or stage further intrusion into the downstream industrial network. … |
| Remediation | Patch available per vendor advisory - operators should consult CERT@VDE advisory VDE-2026-068 at https://www.certvde.com/en/advisories/VDE-2026-068/ for the exact fixed mbCONNECT24 / mymbCONNECT24 build and upgrade to it; no specific fixed version is enumerated in the input data so do not assume a number. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all systems running mbCONNECT24 or mymbCONNECT24; revoke administrative privileges from non-essential accounts; audit and document all current high-privilege users. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Mbconnect24
View allAn issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. Rat
SQL injection in MB Connect Line's mbCONNECT24 and mymbCONNECT24 platforms allows unauthenticated remote attackers to ex
An Authorization Bypass vulnerability was found in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.5.0. Rat
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak
An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. Rat
Blind SQL injection in MB Connect Line mbCONNECT24 and mymbCONNECT24 allows unauthenticated remote attackers to extract
SQL injection in MB Connect Line's mbCONNECT24 and mymbCONNECT24 products allows unauthenticated remote attackers to ext
An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with
In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind o
In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by
Remote code execution in MB Connect Line mbCONNECT24 and mymbCONNECT24 allows high-privileged authenticated attackers to
Same weakness CWE-425 – Direct Request ('Forced Browsing')
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38422
GHSA-vwqx-9g89-x938