Skip to main content

Anviz Cx7 Firmware CVE-2026-32648

| EUVDEUVD-2026-23478 MEDIUM
Missing Authorization (CWE-862)
2026-04-17 icscert
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Apr 17, 2026 - 20:08 vuln.today
EUVD ID Assigned
Apr 17, 2026 - 19:45 euvd
EUVD-2026-23478
Analysis Generated
Apr 17, 2026 - 19:45 vuln.today
CVE Published
Apr 17, 2026 - 19:34 nvd
MEDIUM 5.3

DescriptionCVE.org

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details (e.g., SSH/RTTY status), assisting attackers in reconnaissance against the device.

AnalysisAI

Unauthenticated remote attackers can access debug configuration endpoints on Anviz CX2 Lite and CX7 devices without credentials, exposing SSH and RTTY status information that facilitates reconnaissance. The vulnerability exists in network-accessible endpoints that return sensitive debug data, affecting both device models across all firmware versions.

Technical ContextAI

This vulnerability exploits insufficient access control on administrative or debug endpoints in Anviz biometric/access control devices. The underlying issue is classified as CWE-862 (Missing Authorization), indicating that the application fails to implement proper authentication checks before disclosing sensitive configuration data. Anviz CX2 Lite and CX7 are networked access control and time attendance devices commonly deployed in enterprise environments. The debug endpoints leak information about RTTY (remote terminal) and SSH service status, which are typically restricted to authenticated administrative users. The vulnerability is likely in web-based management interfaces or API endpoints that do not validate authentication tokens or session credentials before returning configuration objects.

RemediationAI

Contact Anviz via https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03 for vendor-provided patch details and firmware updates, as no specific patched version is currently documented in the CVE record. Until a vendor fix is deployed, implement network segmentation to restrict access to Anviz device management interfaces using firewall rules - block inbound access to management ports (typically HTTP/HTTPS, SSH) from untrusted networks and limit administrative access to a whitelist of trusted administrator IP addresses or VPN subnets. Disable RTTY and SSH services if they are not operationally required, as these features create secondary attack surfaces once debug information is disclosed. Monitor network traffic to and from Anviz devices for unusual API queries or repeated requests to debug endpoints using intrusion detection signatures or SIEM rules targeting the device's management interface. Apply the official firmware update from Anviz immediately upon release; maintain an inventory of deployed CX2 Lite and CX7 devices to ensure no systems are missed during patching.

Share

CVE-2026-32648 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy