Skip to main content

UniversalPlantViewer WebServices CVE-2026-36035

| EUVDEUVD-2026-44578 MEDIUM
Improper Access Control (CWE-284)
2026-07-14 cve@mitre.org GHSA-467v-w526-45hg
6.5
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
6.5 MEDIUM

Network-accessible REST endpoint requires only low-privilege authentication; impact is purely availability loss with no confidentiality or integrity component, scoped to the single system.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (mitre).

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Analysis Generated
Jul 15, 2026 - 15:35 vuln.today
CVSS changed
Jul 15, 2026 - 15:22 NVD
6.5 (MEDIUM)
CVE Published
Jul 14, 2026 - 23:17 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Incorrect access control in the /api/License/deactivateOffline endpoint of CAXPerts UniversalPlantViewer WebServices Server v2.7.6 allows authenticated attackers with low-level privileges to cause a Denial of Service (DoS) via removing the license from the webserver.

AnalysisAI

Incorrect access control in CAXPerts UniversalPlantViewer WebServices Server v2.7.6 allows any authenticated low-privilege user to invoke the /api/License/deactivateOffline endpoint and strip the server's license, rendering the service inoperable. The flaw (CWE-284) grants low-privileged accounts an action that should be restricted to administrative roles, providing a trivial denial-of-service primitive against industrial plant visualization infrastructure. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege account credentials
Delivery
Authenticate to WebServices Server API
Exploit
Send HTTP request to /api/License/deactivateOffline
Execution
Server accepts request without privilege check
Persist
License removed from webserver
Impact
Service enters denial-of-service state

Vulnerability AssessmentAI

Exploitation Exploitation requires network access to the UniversalPlantViewer WebServices Server API (CVSS AV:N confirms network reachability) and possession of any valid account with low-level privileges (CVSS PR:L) - no administrative account is needed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The NVD CVSS 3.1 base score of 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) is consistent with the described vulnerability: network-reachable endpoint, no user interaction, low complexity, but requiring at least a valid low-privilege account. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker or malicious insider who holds any valid low-privilege account on the UniversalPlantViewer WebServices Server authenticates normally and then sends an HTTP request to /api/License/deactivateOffline. The server processes the request without checking whether the caller is an administrator, removes the license, and the WebServices Server enters a non-functional state, denying service to all users of the plant visualization platform. …
Remediation No vendor-released patch or fixed version has been identified at time of analysis - no advisory URL with a specific remediation version was included in the provided references, and the vendor sites (https://caxperts.com, https://universalplantviewer.com) should be monitored directly for patch availability. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-36035 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy