Skip to main content

CAXperts UPVWebServices CVE-2026-35552

| EUVDEUVD-2026-42496 HIGH
Missing Authorization (CWE-862)
2026-07-08 cve@mitre.org GHSA-h5xf-rv7f-wv3m
8.1
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
8.1 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
vuln.today AI
6.5 MEDIUM

Authenticated low-privilege remote user (PR:L, AV:N, AC:L) abusing an unprotected endpoint; the actual impact is license deactivation causing service outage, so A:H with C:N/I:N.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (mitre).

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

3
Analysis Generated
Jul 09, 2026 - 16:43 vuln.today
CVSS changed
Jul 09, 2026 - 16:22 NVD
8.1 (None) 8.1 (HIGH)
CVE Published
Jul 08, 2026 - 22:17 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

In CAXperts UPVWebServices 2.4.2212.603 through 2.7.6 and UDiTH Portal 2026.0.0 through 2026.2.0, an authenticated remote user can invoke an administrative API endpoint intended for privileged users. Due to missing authorization checks, this allows the attacker to deactivate the application's license.

AnalysisAI

Privilege-boundary bypass in CAXperts UPVWebServices (2.4.2212.603-2.7.6) and the companion UDiTH Portal (2026.0.0-2026.2.0) lets any authenticated low-privilege user reach an administrative API endpoint that lacks an authorization check, enabling them to deactivate the application's license and disable the service. Rated CVSS 8.1 by the reporter, this is a broken-access-control (CWE-862) issue affecting engineering-portal deployments. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain valid low-privilege portal credentials
Delivery
Authenticate to UPVWebServices/UDiTH Portal
Exploit
Send crafted request to admin license endpoint
Execution
Missing authorization check accepts call
Impact
License deactivated, application disabled (DoS)

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid authenticated session on UPVWebServices or the UDiTH Portal (CVSS PR:L confirms at least low-privilege authentication is needed - this is not an unauthenticated attack) plus network reachability to the API. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals conflict and should be weighed carefully. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A disgruntled employee or an attacker who has phished a single ordinary portal login authenticates to the UDiTH Portal, then sends a direct HTTP request to the administrative license API endpoint that the UI normally hides from non-admins. Because the server never checks the caller's role, the license is deactivated and the plant-viewer application stops serving users, producing a denial of service. …
Remediation Consult the vendor advisory CAXSEC-2026-001 (https://github.com/caxperts/security-advisories/blob/main/2026/CAXSEC-2026-001_portal.md) and upgrade to a fixed release above UPVWebServices 2.7.6 / UDiTH Portal 2026.2.0; note that no vendor-released patched version number was provided in the available data, so confirm the exact fixed build directly with CAXperts before deploying. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify and document all deployments of UPVWebServices (versions 2.4.2212.603-2.7.6) and UDiTH Portal (2026.0.0-2026.2.0); audit low-privilege user accounts and their access scope. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-35552 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy