CVE-2026-24060 | THREATINT

Description

Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. The proprietary format used by WebCTRL to receive updates from the PLC can also be sniffed and reverse engineered.

PUBLISHED Reserved 2026-03-12 | Published 2026-03-20 | Updated 2026-03-23 | Assigner icscert

CRITICAL: 9.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-319

Product status

Default status

unaffected

Any version before v8.5

affected

Credits

Jonathan Lee, Thuy D. Nguyen, and Neil C. Rowe of the Naval Postgraduate School reported this vulnerability to CISA. finder

References

www.automatedlogic.com/en/company/security-commitment/

www.cisa.gov/news-events/ics-advisories/icsa-26-078-08

github.com/...p/csaf_files/OT/white/2026/icsa-26-078-08.json

cve.org (CVE-2026-24060)

nvd.nist.gov (CVE-2026-24060)

Download JSON