< ciso
brief />
Tag Banner

All news with #authentication bypass tag

344 articles · page 8 of 18

HPE warns of critical AOS-CX flaw allowing admin resets

🔒 HPE has released patches for multiple vulnerabilities in the AOS-CX network OS, including a critical authentication bypass (CVE-2026-23813) that can allow unauthenticated actors to reset administrator passwords via the web management interface. The company reports no known public exploits at publication. Until updates are applied, HPE recommends isolating management interfaces, enforcing ACLs, disabling unnecessary HTTP(S) on SVIs and routed ports, and increasing logging and monitoring.
read more →

Honeywell IQ4x BMS Controller Critical Authentication Flaw

⚠️CISA warns that Honeywell IQ4x Building Management System controllers expose a factory-default web HMI without authentication (tracked as CVE-2026-3611). An unauthenticated actor able to reach the HTTP interface can create administrative accounts via the U.htm function, gain full read/write control, and potentially lock out legitimate operators. Honeywell has not issued a patch; apply network mitigations immediately.
read more →

CISA: Actively exploited Ivanti EPM flaw patched quickly

🔴 CISA has added a recently patched Ivanti Endpoint Manager vulnerability (CVE-2026-1603) to its Known Exploited Vulnerabilities catalog and ordered federal agencies to remediate within three weeks. The flaw allows unauthenticated remote actors to bypass authentication and exfiltrate credentials via low-complexity cross-site scripting. Ivanti released EPM 2024 SU5 last month, which also addressed an SQL injection issue, and says it has no confirmed reports of exploitation while Shadowserver still tracks over 700 Internet-facing instances.
read more →

Where MFA Stops: Windows Authentication Gaps and Risks

🔐 Organizations often assume multi-factor authentication (MFA) eliminates credential risk, but in many Windows environments that assumption is incomplete. Cloud IdPs like Microsoft Entra ID, Okta, and Google Workspace protect federated sign‑ins, yet traditional Windows authentication paths — including interactive logons, RDP, NTLM, Kerberos ticket abuse, SMB, local admin and service accounts — commonly bypass those controls. The result: attackers can use stolen passwords, NTLM hashes, stolen or forged Kerberos tickets, or reused local credentials to move laterally and maintain persistent access without triggering cloud MFA. Vendor solutions such as Specops Secure Access and Specops Password Policy are presented as practical mitigations to enforce MFA for Windows logon, block compromised passwords, and reduce legacy protocol exposure.
read more →

Cisco Patches Maximum-Severity Flaws in Secure FMC

🔒 Cisco has released updates for two maximum-severity vulnerabilities in Cisco Secure FMC that allow unauthenticated remote attackers to obtain root on affected systems. CVE-2026-20079 is an authentication-bypass flaw exploitable via crafted HTTP requests to gain root, while CVE-2026-20131 is a remote code execution vulnerability triggered by a crafted serialized Java object that can execute arbitrary Java code as root. Cisco also patched dozens of other issues and says its PSIRT has no evidence these flaws are being actively exploited.
read more →

Critical OCPP Backend Vulnerabilities in Everon Platform

🔒 CISA reports multiple critical vulnerabilities in Everon OCPP Backends (api.everon.io) that permit unauthenticated access, session hijacking, credential exposure, and denial-of-service. The advisory details four CVEs, including a CVSS 3.1 score of 9.4 for missing authentication on WebSocket endpoints. Everon reportedly shut down the platform on December 1, 2025; CISA recommends isolating control networks, restricting Internet access, and using secure remote access methods.
read more →

ePower charging stations vulnerable to WebSocket flaws

🔒 CISA warns that ePower epower.ie charging stations contain multiple WebSocket authentication and session-management vulnerabilities that could allow attackers to impersonate chargers, hijack sessions, or disrupt charging services. The advisory catalogs four CVEs, led by a critical authentication bypass (CVE-2026-22552, CVSS 9.4). ePower has not responded to CISA's coordination requests; operators should apply recommended mitigations and minimize network exposure.
read more →

Vulnerabilities in Mobiliti e-mobi.hu Charging Stations

🔒 This advisory details critical authentication and session-management flaws in Mobiliti's e-mobi.hu charging platform that could permit unauthorized administrative access, session hijacking, and denial-of-service against chargers and backend services. Affected versions include all released e-mobi.hu builds. Operators should restrict network exposure, isolate charging networks behind firewalls, and contact Mobiliti support for vendor guidance.
read more →

Labkotec LID-3300IP Vulnerability Allows Auth Bypass

⚠️ The Labkotec LID-3300IP ice detector contains an unauthenticated remote-access vulnerability (CVE-2026-1775) that allows an attacker to modify device parameters and execute operational commands by sending specially crafted packets. CISA assigns a CVSS v3.1 base score of 9.4 (Critical). Labkotec recommends migrating to the LID-3300IP Type 2, installing firmware V2.40, and enabling HTTPS; until remediation, operators should remove Internet exposure, segment networks, enforce strong credentials, and monitor device activity.
read more →

ClawJacked: Local WebSocket Flaw Gives Remote Control

⚠️ Researchers have revealed a high-severity "ClawJacked" vulnerability in OpenClaw that can allow a malicious webpage to take full control of the AI assistant platform. The issue arises because the gateway binds to localhost and treats local connections as trusted, permitting a script to brute-force credentials and auto-register as a trusted node. Once authenticated, an attacker can enumerate devices, read logs and dispatch commands. Users are urged to upgrade to 2026.2.25 or later immediately.
read more →

ClawJacked vulnerability lets websites hijack OpenClaw

🔒 Security researchers disclosed a high-severity ClawJacked vulnerability in OpenClaw that allowed a malicious website to silently brute-force a locally running gateway and take control. Oasis Security reported the issue and OpenClaw released a fix in version 2026.2.26 on February 26. The update hardens WebSocket checks, removes unsafe localhost exemptions, and closes avenues for silent device pairing and credential theft. Administrators should update immediately.
read more →

OpenClaw 'ClawJacked' Flaw Lets Webpages Take Control

🔒OpenClaw addressed a high‑severity vulnerability codenamed ClawJacked that allowed attacker‑controlled webpages to connect to a local OpenClaw gateway, brute‑force its password (no rate limiting), and register as a trusted device with admin privileges because localhost registrations were silently approved. The vendor released 2026.2.25 on Feb 26, 2026, and urges immediate updates, access audits, and stronger governance for agent identities.
read more →

Local OpenClaw Agents Vulnerable to WebSocket Abuse

🔒 Researchers at Oasis Security disclosed a chain of flaws that allowed malicious websites to connect to a locally running OpenClaw agent and seize control. The issue exploits browser behavior that permits WebSocket connections to localhost combined with the agent’s automatic device pairing, weak authentication and disabled rate limits. Tracked as CVE-2026-25253, the vulnerability enabled silent password brute-forcing and device registration. OpenClaw issued a prompt fix (v2026.2.25+) but experts warn architectural changes and stronger controls are needed.
read more →

Chargemap Charging Infrastructure Vulnerabilities Reported

🔒 CISA reports multiple vulnerabilities in Chargemap's public charging infrastructure that could allow attackers to impersonate charging stations, hijack sessions, and disrupt services. The most severe issue (CVE-2026-25851) involves unauthenticated OCPP WebSocket endpoints and carries a CVSS 3.1 base score of 9.4. Chargemap did not respond to coordination; users should contact vendor support and reduce network exposure until fixes are available.
read more →

CloudCharge OCPP WebSocket Flaws Enable Station Impersonation

⚠️ CISA warns of multiple critical vulnerabilities in CloudCharge cloudcharge.se affecting OCPP WebSocket endpoints (four CVEs, highest CVSS 9.4). Exploits can enable station impersonation, session hijacking, credential exposure, and large-scale denial of service by suppressing or misrouting telemetry. CloudCharge did not respond to coordination requests; operators should apply network mitigations and restrict Internet exposure. CISA identifies Energy and Transportation sectors as at risk worldwide.
read more →

Critical OCPP WebSocket Flaws in SWITCH EV Charging

🔒 Successful exploitation of vulnerabilities in SWITCH EV charging infrastructure could allow attackers to impersonate charging stations, hijack sessions, suppress or misroute legitimate telemetry, and manipulate backend data. The advisory identifies four CVEs affecting all product versions, including CVE-2026-27767 with a CVSS 3.1 base score of 9.4 (Critical). Vendor coordination was not received; CISA recommends minimizing network exposure, isolating control-system networks, using secure remote access, and contacting the vendor for remediation status. No known public exploitation has been reported.
read more →

EV2GO ev2go.io WebSocket Auth & Session Risks

🔒 CISA reports multiple critical vulnerabilities in EV2GO ev2go.io WebSocket interfaces that allow unauthenticated actors to impersonate charging stations, hijack sessions, and manipulate backend data. Exploitation can lead to large-scale denial of service, suppression or misrouting of legitimate telemetry, and unauthorized control of charging infrastructure; affected versions are all and the highest CVSS score is 9.4. Vendor coordination was not received; operators should minimize Internet exposure, isolate ICS networks, and implement stronger authentication, session management, and rate limiting.
read more →

Pelco Sarix Pro 3 Series Authentication Bypass Advisory

🔒 CISA reports an authentication bypass vulnerability (CVE-2026-1241) affecting Pelco Sarix Professional 3 Series IP cameras running firmware <=02.52. Successful exploitation can permit unauthenticated access to live video streams and sensitive device data, creating privacy, operational, and compliance risks across multiple critical infrastructure sectors. Pelco has released firmware 02.53 to address the issue; users should update promptly and follow network hardening guidance such as isolating camera networks, minimizing internet exposure, and placing devices behind firewalls.
read more →

Copeland XWEB/XWEB Pro Multiple Critical Vulnerabilities

⚠️ Copeland has released patches addressing numerous severe vulnerabilities in XWEB and XWEB Pro appliances that may allow authentication bypass, remote code execution, denial-of-service, path traversal, and memory corruption. Affected firmware includes XWEB 300D PRO, 500D PRO, and 500B PRO running version 1.12.1 or earlier. Several issues are rated high or critical, including one pre-authentication vulnerability with a CVSS v3.1 score of 10.0. Administrators should apply vendor updates immediately and minimize device exposure on untrusted networks.
read more →

Critical OCPP WebSocket Flaws in Mobility46 Stations

Mobility46 charging stations running mobility46.se are affected by multiple OCPP WebSocket vulnerabilities that can allow unauthorized administrative access, session hijacking, credential exposure, and denial-of-service. Four CVEs are documented, including one critical issue with a CVSS 3.1 base score of 9.4. Mobility46 did not respond to CISA coordination; operators should isolate devices, apply network controls, and contact the vendor for guidance.
read more →