What is the CVSS score of CVE-2026-1693?

CVE-2026-1693 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.2%.

Which versions of Pcvue are affected by CVE-2026-1693?

PcVue versions 12.0.0 through 16.3.3 contain a high-severity vulnerability in their web services authentication mechanism that could allow attackers to compromise user credentials and gain…

Pcvue CVE-2026-1693

HIGH

Use of Obsolete Function (CWE-477)

2026-02-26 87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932

Information Disclosure Pcvue

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 26, 2026 - 08:16 nvd

HIGH 7.5

DescriptionNVD

The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue features of PcVue in version 12.0.0 through 16.3.3 included despite being deprecated. It might allow a remote attacker to steal user credentials.

AnalysisAI

PcVue versions 12.0.0 through 16.3.3 use the deprecated OAuth Resource Owner Password Credentials flow in their web services, enabling remote attackers to steal user credentials without authentication or user interaction. The vulnerability affects WebVue, WebScheduler, TouchVue, and Snapvue components and carries a high severity rating with no patch currently available.

RemediationAI

Within 24 hours: Inventory all PcVue deployments and identify affected versions (12.0.0-16.3.3); disable ROPC authentication if alternative OAuth flows are available and document the change. Within 7 days: Implement network segmentation to restrict web service access to authorized networks only; increase monitoring and logging of OAuth authentication attempts; contact vendor for patch timeline. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-1693 vulnerability details – vuln.today

Back

Pcvue CVE-2026-1693

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code