
WebCTRL Premium Server CVE-2026-32666

EUVD-2026-13861 · HIGH
Authentication Bypass by Spoofing (CWE-290)
2026-03-20 · icscert
7.5 (CVSS 3.1 · NVD)

Severity by source

NVD (primary): 7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: None

Lifecycle Timeline

EUVD ID Assigned: Mar 20, 2026 23:31 (euvd), EUVD-2026-13861
Analysis Generated: Mar 20, 2026 23:31 (vuln.today)
CVE Published: Mar 20, 2026 23:17 (nvd), HIGH 7.5

Description (CVE.org)

WebCTRL systems that communicate over BACnet inherit the protocol's lack of network layer authentication. WebCTRL does not implement additional validation of BACnet traffic, so an attacker with network access could spoof BACnet packets directed at either the WebCTRL server or associated AutomatedLogic controllers. Spoofed packets may be processed as legitimate.

Analysis (AI-generated)

WebCTRL Premium Server systems contain an authentication bypass vulnerability arising from the BACnet protocol's inherent lack of network layer authentication, compounded by WebCTRL's failure to implement additional validation of its own. An attacker with network access can spoof BACnet packets targeting either the WebCTRL server or associated AutomatedLogic controllers, which will process the spoofed packets as legitimate traffic. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Gain network access to BACnet segment
Delivery: Craft spoofed BACnet packets
Exploit: Send malicious packets to WebCTRL server
Execution: Server processes packets as legitimate
Impact: Attacker modifies building automation commands

Vulnerability Assessment (AI-generated)

Exploitation: The attacker requires network access to WebCTRL systems that use BACnet protocol communication. …

Risk Assessment: The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) indicates a network-exploitable vulnerability with low attack complexity, requiring no privileges or user interaction and resulting in high integrity impact. …

Exploit Scenario: An attacker who gains access to the building automation network segment (through compromised IT systems, rogue wireless access points, or physical network access) can craft spoofed BACnet packets with forged source addresses. These packets could send commands to AutomatedLogic controllers to manipulate HVAC systems, lighting, access control, or other building functions, causing physical disruption or safety hazards, or enabling further attacks such as forcing doors open or disabling environmental controls in sensitive areas. …

Remediation: Consult the ICS-CERT advisory ICSA-26-078-08 at https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-08 and Automated Logic's security commitment page at https://www.automatedlogic.com/en/company/security-commitment/ for official vendor guidance on patches or firmware updates. …

Recommended Action (AI-generated)

Within 24 hours: Identify and inventory all WebCTRL Premium Server installations and assess network exposure. …



CVE-2026-32666 vulnerability details – vuln.today
