Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Remote unauthenticated request with no user interaction (AV:N/AC:L/PR:N/UI:N); only availability is affected via disk exhaustion (A:H), with no confidentiality or integrity impact and no scope change.
Primary rating from Vendor (Nozomi).
CVSS VectorVendor: Nozomi
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
A denial-of-service vulnerability caused by unbounded resource allocation was discovered in the audit logging functionality, due to a missing size limit on input recorded into audit entries. An unauthenticated attacker can submit requests containing excessively large input that is recorded into audit entries, possibly exhausting the available disk space and rendering the system inoperable.
AnalysisAI
Disk-exhaustion denial of service in Nozomi Networks Guardian and Central Management Console (CMC) lets a remote, unauthenticated attacker fill available storage by sending requests with oversized input that the audit-logging subsystem records without any size limit. Because the affected devices are OT/ICS network-monitoring appliances, exhausting disk can render the sensor or its management console inoperable and blind defenders. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires only network access to a Nozomi Guardian or CMC instance and the ability to submit input that flows into the audit-logging subsystem; per the CVSS vector (AV:N/AC:L/PR:N/UI:N) there are no special conditions - remote unauthenticated exploitation against default configurations of Nozomi Guardian/CMC. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The supplied CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N, VA:H, VC:N/VI:N) is internally consistent: remote, low-complexity, no privileges, no user interaction, availability-only impact with no confidentiality or integrity loss - base score 8.7. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with network reach to a Guardian sensor or CMC console repeatedly sends requests containing very large payloads to an endpoint whose data is written into audit entries. With no size limit enforced, each request appends attacker-sized data to disk until the audit volume is exhausted and the appliance crashes or freezes, blinding OT network monitoring. … |
| Remediation | Apply the fixed release identified in Nozomi Networks advisory NN-2026:11-01 (https://security.nozominetworks.com/NN-2026:11-01) - an exact patched version is not included in the provided data, so obtain it from that advisory (Patch available per vendor advisory). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Restrict Guardian/CMC management interface access to authorized administrator networks via firewall rules; enable automated disk-usage alerts at 70% and 85% capacity thresholds. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Nozomi Networks OS before 19.0.4 allows /#/network?tab=network_node_list.html CSV Injection. Rated high severity (CVSS 7
Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields us
Authenticated Standard Registry users can execute arbitrary Node.js code in Hashgraph Guardian ≤3.5.0 through unsandboxe
A SQL Injection vulnerability has been found in Nozomi Networks Guardian and CMC, due to improper input validation in ce
A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the alerts_
A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticat
Improper Input Validation vulnerability in custom report logo upload in Nozomi Networks Guardian, and CMC allows an auth
Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticat
OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42534
GHSA-4jrp-wrhh-5622