CVE-2026-32650

EPSS 0.21%
Veröffentlicht 17.04.2026 19:52:45
Zuletzt bearbeitet 04.05.2026 14:38:05
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

Anviz CrossChex Standard Algorithm Downgrade

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable 
encryption, causing database credentials to be sent in plaintext and 
enabling unauthorized database access.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Anviz ≫ Crosschex Standard Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.21%	0.111

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
ics-cert@hq.dhs.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

A protocol or its implementation supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties.

https://www.anviz.com/contact-us.html

Product

https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03

US Government Resource

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-32650

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-32650

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-32650

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-32650