Home

Description

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access.

PUBLISHED Reserved 2026-04-14 | Published 2026-04-17 | Updated 2026-04-17 | Assigner icscert




HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-757

Product status

Default status
unaffected

All versions
affected

References

www.anviz.com/contact-us.html

www.cisa.gov/news-events/ics-advisories/icsa-26-106-03

github.com/...p/csaf_files/OT/white/2026/icsa-26-106-03.json

cve.org (CVE-2026-32650)

nvd.nist.gov (CVE-2026-32650)

Download JSON