CWE-923
Improper Restriction of Communication Channel to Intended Endpoints
Monthly
Unauthenticated network access to Home Assistant apps bypasses intended Docker isolation on Linux systems, exposing internal services to any device on the local network. Apps configured with host network mode inadvertently bind internal Docker bridge endpoints to the broader LAN without authentication controls, enabling unauthorized access with high confidentiality, integrity, and availability impact (CVSS 9.6). Vendor-released patch available in Home Assistant Supervisor 2026.03.02. No public exploit identified at time of analysis, though exploitation requires only adjacent network access with low attack complexity.
IBM Concert versions 1.0.0 through 2.2.0 contain an improper channel communication restriction vulnerability that allows privileged users to perform unauthorized actions by bypassing intended endpoint controls. The vulnerability, classified as CWE-923 (Improper Restriction of Communication Channel to Intended Endpoints), has a CVSS score of 5.1 with medium integrity impact and is not currently listed in CISA's Known Exploited Vulnerabilities catalog, though a vendor patch is available.
An improper restriction of communication channel to intended endpoints vulnerability (CWE-923) has been identified in QNAP QHora devices, allowing attackers with physical access to exploit insufficient endpoint validation and gain privileges intended for legitimate endpoints. The vulnerability affects QHora/QuRouter products prior to version 2.6.3.009. While no CVSS score or EPSS data is currently available and the vulnerability does not appear in active exploitation databases (KEV), the physical access requirement significantly constrains real-world exploitability, though the privilege escalation impact remains concerning for organizations with physical security controls.
Azure IoT Explorer fails to properly restrict communication to intended endpoints, enabling unauthenticated attackers to intercept and disclose sensitive information over the network. The vulnerability requires no user interaction and can be exploited remotely with a CVSS score of 7.5. A patch is available for affected Azure IoT products.
A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4.11.1), Heliox Mobile DC 40 kW EV Charging Station (All versions < L4.10.1). [CVSS 2.6 LOW]
VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. [CVSS 5.9 MEDIUM]
An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. [CVSS 8.8 HIGH]
NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restriction of communications channels on an adjacent network. Rated medium severity (CVSS 6.2). No vendor patch available.
This vulnerability in the Signal Level Attenuation Characterization (SLAC) protocol allows attackers to conduct man-in-the-middle attacks against electric vehicles and ISO 15118-2 compliant chargers by injecting spoofed signal level measurements. An attacker within close electromagnetic proximity can intercept and manipulate the wireless communication between EVs and chargers, potentially compromising the confidentiality and integrity of charging transactions. While the CVSS score of 6.3 indicates medium severity with low complexity exploitation, the EPSS score of 0.03% (6th percentile) suggests minimal real-world exploitation likelihood despite the critical nature of EV charging infrastructure.
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.
Unauthenticated network access to Home Assistant apps bypasses intended Docker isolation on Linux systems, exposing internal services to any device on the local network. Apps configured with host network mode inadvertently bind internal Docker bridge endpoints to the broader LAN without authentication controls, enabling unauthorized access with high confidentiality, integrity, and availability impact (CVSS 9.6). Vendor-released patch available in Home Assistant Supervisor 2026.03.02. No public exploit identified at time of analysis, though exploitation requires only adjacent network access with low attack complexity.
IBM Concert versions 1.0.0 through 2.2.0 contain an improper channel communication restriction vulnerability that allows privileged users to perform unauthorized actions by bypassing intended endpoint controls. The vulnerability, classified as CWE-923 (Improper Restriction of Communication Channel to Intended Endpoints), has a CVSS score of 5.1 with medium integrity impact and is not currently listed in CISA's Known Exploited Vulnerabilities catalog, though a vendor patch is available.
An improper restriction of communication channel to intended endpoints vulnerability (CWE-923) has been identified in QNAP QHora devices, allowing attackers with physical access to exploit insufficient endpoint validation and gain privileges intended for legitimate endpoints. The vulnerability affects QHora/QuRouter products prior to version 2.6.3.009. While no CVSS score or EPSS data is currently available and the vulnerability does not appear in active exploitation databases (KEV), the physical access requirement significantly constrains real-world exploitability, though the privilege escalation impact remains concerning for organizations with physical security controls.
Azure IoT Explorer fails to properly restrict communication to intended endpoints, enabling unauthenticated attackers to intercept and disclose sensitive information over the network. The vulnerability requires no user interaction and can be exploited remotely with a CVSS score of 7.5. A patch is available for affected Azure IoT products.
A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4.11.1), Heliox Mobile DC 40 kW EV Charging Station (All versions < L4.10.1). [CVSS 2.6 LOW]
VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. [CVSS 5.9 MEDIUM]
An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. [CVSS 8.8 HIGH]
NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restriction of communications channels on an adjacent network. Rated medium severity (CVSS 6.2). No vendor patch available.
This vulnerability in the Signal Level Attenuation Characterization (SLAC) protocol allows attackers to conduct man-in-the-middle attacks against electric vehicles and ISO 15118-2 compliant chargers by injecting spoofed signal level measurements. An attacker within close electromagnetic proximity can intercept and manipulate the wireless communication between EVs and chargers, potentially compromising the confidentiality and integrity of charging transactions. While the CVSS score of 6.3 indicates medium severity with low complexity exploitation, the EPSS score of 0.03% (6th percentile) suggests minimal real-world exploitation likelihood despite the critical nature of EV charging infrastructure.
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.