Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design rather than a deployment error.
AnalysisAI
Anritsu MS27100A/MS27101A/MS27102A/MS27103A Remote Spectrum Monitors contain a design-level authentication bypass allowing unauthenticated remote attackers to fully access and manipulate the management interface. This is not a configuration weakness but an inherent architectural flaw (CWE-306: Missing Authentication) with CVSS 9.3 critical severity. No public exploit identified at time of analysis, but trivial exploitation is expected given the complete absence of authentication mechanisms. ICS-CERT advisory confirms the vulnerability affects operational technology environments.
Technical ContextAI
The vulnerability stems from CWE-306 (Missing Authentication for Critical Function), where Anritsu's Remote Spectrum Monitor product line lacks any built-in authentication framework for its management interface. Spectrum monitors are specialized network analysis devices used in telecommunications and RF testing environments to capture and analyze wireless signals. The affected CPE strings (cpe:2.3:a:anritsu:remote_spectrum_monitor_ms2710*) indicate all versions of the MS27100A, MS27101A, MS27102A, and MS27103A models contain this design flaw. The CVSS 4.0 vector shows network-based attack vector (AV:N), low complexity (AC:L), no attack requirements (AT:N), no privileges required (PR:N), and no user interaction (UI:N), confirming the interface is directly exposed without any authentication layer. This represents a fundamental architectural security failure rather than a patchable implementation bug.
RemediationAI
Upstream fix available (PR/commit); released patched version not independently confirmed from available data. Organizations should immediately consult CISA advisory ICSA-26-090-01 at https://www.cisa.gov/news-events/ics-advisories/icsa-26-090-01 for vendor guidance and firmware availability. As an architectural flaw, remediation requires Anritsu to release firmware adding authentication framework-configuration changes cannot address this issue. Interim compensating controls are critical: isolate affected devices on dedicated management VLANs with strict firewall rules permitting access only from authorized jump hosts or management workstations; implement network access control (802.1X) on switch ports connecting these devices; deploy intrusion detection systems monitoring for unauthorized access attempts; consider VPN or bastion host requirements for any remote management. Do not expose these devices to untrusted networks or the internet. Contact Anritsu technical support for firmware update timeline and emergency mitigation guidance specific to your deployment environment.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17585