EUVD-2026-17585
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3Description
The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design rather than a deployment error.
Analysis
Anritsu MS27100A/MS27101A/MS27102A/MS27103A Remote Spectrum Monitors contain a design-level authentication bypass allowing unauthenticated remote attackers to fully access and manipulate the management interface. This is not a configuration weakness but an inherent architectural flaw (CWE-306: Missing Authentication) with CVSS 9.3 critical severity. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify and inventory all Anritsu MS27100A, MS27101A, MS27102A, and MS27103A devices in your environment; document network locations and operational dependencies. Within 7 days: Implement network-level compensating controls by restricting management interface access to authorized IP ranges via firewall rules; disable remote management if operationally feasible; conduct access logs review for unauthorized connection attempts. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today