Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description states a remote unauthenticated attacker gains full access via deserialization, so AV:N/AC:L/PR:N/UI:N with full C/I/A impact and unchanged scope.
Primary rating from Vendor (CERTVDE).
Description (source: CVE.org)
A remote, unauthenticated attacker may exploit a deserialization of untrusted data vulnerability in ibaPDA or ibaDatCoordinator to gain full access to the affected systems.
Analysis (AI-generated)
Remote code execution in iba ibaPDA and ibaDatCoordinator allows unauthenticated network attackers to gain full system control by exploiting an unsafe deserialization flaw (CWE-502). The CVSS 4.0 score of 9.3 reflects network-reachable exploitation with no privileges or user interaction and high impact across confidentiality, integrity, and availability. …
Vulnerability Assessment (AI-generated)
| Aspect | Assessment |
| --- | --- |
| Exploitation | No special conditions: remote unauthenticated exploitation against default configurations of ibaPDA or ibaDatCoordinator, per the CVSS 4.0 vector AV:N/AC:L/AT:N/PR:N/UI:N, requiring only network reachability to the product's service port and no user interaction or credentials. … |
| Risk Assessment | All signals point to a genuine high-priority issue: the CVSS 4.0 vector AV:N/AC:L/AT:N/PR:N/UI:N with VC:H/VI:H/VA:H describes trivially exploitable, unauthenticated remote code execution with full impact on the vulnerable system, and the 9.3 base score reflects that. … |
| Exploit Scenario | An attacker with network reachability to an ibaPDA or ibaDatCoordinator host (for example, a contractor laptop on the same plant VLAN, or an attacker who has pivoted from IT into OT) sends a crafted serialized object to the product's listening service, triggering deserialization of a gadget chain that executes attacker-supplied code as the service account. With full code execution on a process historian, the attacker can read or tamper with collected process data, deploy further tooling, and pivot deeper into the ICS environment. No public POC is currently identified, but deserialization gadget chains for common .NET/Java stacks are well documented. |
| Remediation | The CERT@VDE coordinated advisory VDE-2026-051 indicates that a patch is available, but no exact fixed version is given here, so treat this as "patch available per vendor advisory": consult https://certvde.com/en/advisories/VDE-2026-051 and the CSAF feed at https://iba.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-051.json for the precise upgrade target for ibaPDA and ibaDatCoordinator, and upgrade promptly. … |
Recommended Action (AI-generated)
Within 24 hours: Conduct immediate inventory of all ibaPDA and ibaDatCoordinator deployments and their network connectivity; prioritize any internet-connected or remotely accessible instances. …
References
EUVD-2026-37869
GHSA-29x2-9v4j-q39r