Skip to main content

Mosaic Show Controller

1 CVEs product

Monthly

CVE-2026-2417 CRITICAL CISA Emergency

Unauthenticated remote code execution in Pharos Controls Mosaic Show Controller firmware 2.15.3 enables attackers to bypass authentication and execute arbitrary commands with root privileges without user interaction. This critical vulnerability affects all instances exposed to network access with no available patch. The extremely low EPSS score suggests limited real-world exploitation despite the severe technical impact.

Authentication Bypass Mosaic Show Controller
NVD VulDB
CVSS 4.0
9.3
EPSS
0.1%
EPSS 0% CVSS 9.3
CRITICAL Emergency

Unauthenticated remote code execution in Pharos Controls Mosaic Show Controller firmware 2.15.3 enables attackers to bypass authentication and execute arbitrary commands with root privileges without user interaction. This critical vulnerability affects all instances exposed to network access with no available patch. The extremely low EPSS score suggests limited real-world exploitation despite the severe technical impact.

Authentication Bypass Mosaic Show Controller
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy