aeon

This vulnerability affects Aeon, a vendor in the industrial automation and IoT device space. The flaw is a local privilege escalation (CVSS 7.8) that requires user interaction but no authentication, allowing an attacker with local access to gain full control over system confidentiality, integrity, and availability. Security teams should monitor for exploitation attempts on Aeon devices and prioritize patching once the vendor releases a fix by the June 2026 deadline.