Skip to main content

Vegapuls 6X Two Wire Profinet Modbus Tcp Opc Ua Ethernet Apl

1 CVEs product

Monthly

CVE-2026-3323 HIGH This Week

Remote unauthenticated access to sensitive data in VEGA VEGAPULS 6X Two-Wire industrial sensors exposes hashed credentials and access codes via unsecured configuration interface. Network-accessible interface (AV:N/AC:L/PR:N/UI:N) allows attackers to extract authentication materials without any prerequisites, enabling credential cracking and potential lateral movement in industrial networks. EPSS and KEV data not available; CERTVDE advisory confirms vulnerability in Ethernet-APL enabled industrial level measurement devices running PROFINET, Modbus TCP, and OPC UA protocols. No public exploit identified at time of analysis, though exploitation trivial due to lack of authentication requirement.

Authentication Bypass Vegapuls 6X Two Wire Profinet Modbus Tcp Opc Ua Ethernet Apl
NVD
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH This Week

Remote unauthenticated access to sensitive data in VEGA VEGAPULS 6X Two-Wire industrial sensors exposes hashed credentials and access codes via unsecured configuration interface. Network-accessible interface (AV:N/AC:L/PR:N/UI:N) allows attackers to extract authentication materials without any prerequisites, enabling credential cracking and potential lateral movement in industrial networks. EPSS and KEV data not available; CERTVDE advisory confirms vulnerability in Ethernet-APL enabled industrial level measurement devices running PROFINET, Modbus TCP, and OPC UA protocols. No public exploit identified at time of analysis, though exploitation trivial due to lack of authentication requirement.

Authentication Bypass Vegapuls 6X Two Wire Profinet Modbus Tcp Opc Ua Ethernet Apl
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy