Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Unauthenticated network call to a missing-auth endpoint (AV:N/AC:L/PR:N/UI:N) yields partial config disclosure only, so C:L and I:N/A:N with unchanged scope.
Primary rating from Vendor (twcert).
CVSS VectorVendor: twcert
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information.
AnalysisAI
Information disclosure in IEI Integration Corp's iRM-IEI Remote Management (iRM-TSI410X) allows unauthenticated remote attackers to retrieve partial system configuration data by invoking a specific function that lacks authentication enforcement. The flaw is reported by TWCERT and carries a CVSS 4.0 base of 7.9, but no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
Technical ContextAI
iRM-TSI410X is part of IEI Integration Corp's iRM (Intelligent Remote Management) platform, an out-of-band/remote management appliance line used to monitor and administer industrial and embedded server hardware. The root cause is CWE-306 (Missing Authentication for a Critical Function): a specific management endpoint or RPC method is exposed without verifying caller identity, so a network-reachable client can call it directly and receive configuration data that should require an authenticated session. CPE cpe:2.3:a:iei_integration_corp:irm-tsi410x:*:*:*:*:*:*:*:* indicates all versions are in scope until a vendor-fixed build is published.
RemediationAI
No vendor-released patch identified at time of analysis in the provided data, so consult the TWCERT advisories at https://www.twcert.org.tw/en/cp-139-10972-32032-2.html and https://www.twcert.org.tw/tw/cp-132-10971-ac61f-1.html and IEI Integration Corp directly for a fixed firmware build for iRM-TSI410X and upgrade as soon as it is released. As compensating controls, place the iRM management interface on an isolated management VLAN and block its TCP ports at the perimeter so it is only reachable from a jump host or admin workstation; if a reverse proxy or load balancer fronts the device, add an allow-list and require client certificates or VPN authentication before traffic reaches the appliance - the trade-off is that legitimate remote administrators must connect through the bastion. Until a fix exists, audit logs for unauthenticated requests to management endpoints and rotate any credentials or topology details that may have been disclosed.
More in Irm Tsi410X
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36409
GHSA-f59m-5cmv-vcgh