CVE-2026-33569

EPSS 0.19%
Veröffentlicht 17.04.2026 19:30:46
Zuletzt bearbeitet 04.05.2026 14:31:32
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

Anviz Products Cleartext Transmission of Sensitive Information

Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling 
on‑path attackers to sniff credentials and session data, which can be 
used to compromise the device.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Anviz ≫ Cx7 Firmware Version-

Anviz ≫ Cx7 Version-

Anviz ≫ Cx2 Lite Firmware Version-

Anviz ≫ Cx2 Lite Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.083

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
ics-cert@hq.dhs.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

https://www.anviz.com/contact-us.html

Product

https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03

US Government Resource

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-33569

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-33569

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-33569

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-33569