Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Primary rating from Vendor (icscert) · only source for this CVE.
CVSS VectorVendor: icscert
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Lifecycle Timeline
7DescriptionCVE.org
The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with network access to directly access and modify its configuration and operational functions without needing credentials.
AnalysisAI
Carlson Software VASCO-B GNSS receivers allow remote unauthenticated attackers to fully access and modify device configuration and operational functions due to complete absence of authentication controls (CWE-306). The network-accessible interface requires no credentials, enabling attackers to compromise device integrity and availability with low attack complexity. EPSS and KEV status not provided in available data; exploitation requires only network connectivity to the device management interface, typical in surveying and precision agriculture deployments where GNSS receivers may be exposed on operational networks.
Technical ContextAI
The VASCO-B is a Global Navigation Satellite System (GNSS) receiver used in surveying, precision agriculture, and geospatial applications requiring high-accuracy positioning data. The vulnerability stems from CWE-306 (Missing Authentication for Critical Function), meaning the device's configuration and control interface implements no authentication mechanism whatsoever. GNSS receivers typically expose web-based or proprietary network management interfaces for configuration of correction services (RTK/PPP), logging parameters, network settings, and operational modes. The CPE string (cpe:2.3:a:carlson_software:vasco-b_gnss_receiver) indicates all versions of the product line are potentially affected, though exact version ranges are not specified in available data. This represents a fundamental security architecture flaw rather than an implementation bug, as the authentication layer was not designed into the product.
RemediationAI
Contact Carlson Software through their support portal at https://www.carlsonsw.com/support-and-training/ to request firmware update status and authentication implementation timeline, as no specific patch version is identified in available data. Until vendor-provided authentication controls are available, implement network-level compensating controls: isolate VASCO-B devices on dedicated VLANs or physically separate network segments with firewall rules permitting management access only from specific authorized administrator workstations (not entire subnets). For cellular-connected units, disable remote management interfaces if field operations permit and require physical access for configuration changes (trade-off: reduces operational flexibility for remote troubleshooting). Deploy network access control (NAC) solutions to authenticate devices attempting to reach GNSS receiver management ports. Monitor network traffic to receiver IP addresses for unauthorized configuration attempts (look for HTTP/HTTPS or proprietary protocol sessions from unexpected sources). For internet-exposed deployments, immediately remove public accessibility and implement VPN-based access with multi-factor authentication. Document all configuration changes and implement change control processes to detect unauthorized modifications through out-of-band verification of device settings.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26081