Skip to main content

ICU Scandinavia Boomerang EUVDEUVD-2026-44667

| CVE-2026-46459 MEDIUM
Missing Authorization (CWE-862)
2026-07-15 CERT-PL GHSA-jm44-25h7-5782
5.3
CVSS 4.0 · Vendor: CERT-PL
Share

Severity by source

Vendor (CERT-PL) PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.4 MEDIUM

Adjacent network vector (AV:A) consistent with CVSS 4.0 source; no privileges or interaction needed; limited read/write impact with no availability impact or scope change.

3.1 AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
4.0 AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (CERT-PL).

CVSS VectorVendor: CERT-PL

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Patch available
Jul 15, 2026 - 17:48 EUVD
Analysis Generated
Jul 15, 2026 - 13:23 vuln.today

DescriptionCVE.org

ICU Scandinavia Boomerang is vulnerable to a missing authentication flaw in its device receiver endpoints. This allows an unauthenticated remote attacker to read full facility configurations and write unauthorized data to the sensor database. This issue has been fixed in version 2.4.18.029

AnalysisAI

Missing authorization on device receiver endpoints in ICU Scandinavia Boomerang exposes facility and quality-assurance installations to unauthenticated read and write access over adjacent networks. Any attacker with network adjacency can retrieve complete facility configurations and inject arbitrary data into the sensor database without supplying credentials, violating both confidentiality and integrity of operational sensor records. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain adjacent network access
Delivery
Identify Boomerang receiver endpoints
Exploit
Send unauthenticated read request
Execution
Exfiltrate facility configuration
Impact
Inject arbitrary sensor records into database

Vulnerability AssessmentAI

Exploitation Requires adjacent network access to the Boomerang device receiver endpoints - the CVSS 4.0 AV:A metric confirms exploitation is limited to the local network segment (same VLAN or broadcast domain) and is not directly reachable from the internet. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 5.3 (Medium) appropriately reflects the constrained attack surface: the AV:A metric limits exposure to adjacent-network attackers, significantly narrowing the exploitable population compared to an internet-facing vulnerability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has gained access to the same network segment as a Boomerang installation - via a compromised workstation, rogue device, or misconfigured Wi-Fi - sends unauthenticated HTTP requests directly to the device receiver endpoints. Without any credential challenge, they can download the complete facility configuration and subsequently submit fabricated sensor readings to the database, potentially corrupting quality-assurance records or masking real environmental alerts.
Remediation Upgrade ICU Scandinavia Boomerang to version 2.4.18.029 or later, which is confirmed by the CVE description as the vendor-released fix. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-44667 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy