{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3323", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2026-02-27T11:10:05.931Z", "datePublished": "2026-04-28T10:24:19.411Z", "dateUpdated": "2026-04-28T10:24:19.411Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "VEGAPULS 6X Two-wire PROFINET, Modbus TCP, OPC UA (Ethernet-APL)", "vendor": "VEGA Grieshaber", "versions": [{"status": "affected", "version": "1.0.0"}]}, {"defaultStatus": "unaffected", "product": "VEGAPULS 6X Two-wire PROFINET, Modbus TCP, OPC UA (Ethernet-APL)", "vendor": "VEGA Grieshaber", "versions": [{"status": "affected", "version": "1.1.0"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:vega:vegapuls6x_pn_firmware:1.0.0:*:*:*:*:*:*:*", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:vega:vegapuls6x_pn_firmware:1.1.0:*:*:*:*:*:*:*", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Product Security Unit at VEGA Grieshaber KG"}], "datePublic": "2026-04-22T10:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes.<br>"}], "value": "An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2026-04-28T10:24:19.411Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://certvde.com/en/advisories/VDE-2026-016"}, {"tags": ["vendor-advisory"], "url": "https://vega.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-016.json"}], "source": {"advisory": "VDE-2026-016", "defect": ["CERT@VDE#641966"], "discovery": "INTERNAL"}, "title": "VEGA: Privilege escalation through unsecured configuration interface in VEGAPULS devices", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes."}], "id": "CVE-2026-3323", "lastModified": "2026-04-28T11:16:05.967", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "info@cert.vde.com", "type": "Primary"}]}, "published": "2026-04-28T11:16:05.967", "references": [{"source": "info@cert.vde.com", "url": "https://certvde.com/en/advisories/VDE-2026-016"}, {"source": "info@cert.vde.com", "url": "https://vega.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-016.json"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "info@cert.vde.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T12:13:37.699111+00:00", "value": {"mitigation_remediation": ["Apply the latest official firmware update or vendor patch to VEGA Grieshaber VEGAPULS 6X devices that addresses the unsecured configuration interface.", "Secure the configuration interface by disabling remote access or restricting it to trusted local networks and enforcing strong authentication methods.", "Monitor device logs for unauthorized configuration access attempts and verify that the interface is no longer exposed to unauthenticated network traffic."], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The flaw affects VEGA Grieshaber VEGAPULS 6X Two-wire PROFINET, Modbus TCP, OPC UA (Ethernet-APL) devices running firmware versions 1.0.0 and 1.1.0.", "description_and_impact": "An unsecured configuration interface on affected VEGAPULS devices allows unauthenticated remote attackers to read sensitive data such as hashed credentials and access codes, potentially enabling further privileged access.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity. The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog. Inferred from the description, the attack vector is remote over the network, exploiting an unsecured configuration interface without authentication."}}}}, "created": "2026-04-28T12:15:30.882992+00:00", "updated": "2026-04-28T12:15:30.883003+00:00", "vendors": []}