BetaIT-Hub is in early access — your feedback helps us improve. Use the chat or email [email protected]

News Vulnerability
VulnerabilityCISA·64d ago

Anritsu Remote Spectrum Monitor

p a href= https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-090-01.json strong View CSAF /strong /a /p h2 Summary /h2 p strong Successful exploitation of this vulnerability could allow attackers with network access to alter operational settings, obtain sensitive signal data, or disrupt device availability. /strong /p p The following versions of Anritsu Remote Spectrum Monitor are affected: /p ul li Remote Spectrum Monitor MS27100A vers:all/* (CVE-2026-3356) /li li Remote Spectrum Monitor MS27101A vers:all/* (CVE-2026-3356) /li li Remote Spectrum Monitor MS27102A vers:all/* (CVE-2026-3356) /li li Remote Spectrum Monitor MS27103A vers:all/* (CVE-2026-3356) /li /ul div class= csaf-table table class= tablesaw tablesaw-stack data-tablesaw-mode= stack data-tablesaw-minimap thead tr th role= columnheader data-tablesaw-priority= persist CVSS /th th role= columnheader Vendor /th th role= columnheader Equipment /th th role= columnheader Vulnerabilities /th /tr /thead tbody tr td v3 9.8 /td td Anritsu /td td Anritsu Remote Spectrum Monitor /td td Missing Authentication for Critical Function /td /tr /tbody /table /div h3 Background /h3 ul li strong Critical Infrastructure Sectors: /strong Communications, Defense Industrial Base, Emergency Services, Transportation Systems /li li strong Countries/Areas Deployed: /strong Worldwide /li li strong Company Headquarters Location: /strong Japan /li /ul hr h2 Vulnerabilities /h2 div class= csaf-accordion p a class= csaf-accordion-toggle-all href= # Expand All + /a /p div class= csaf-accordion-item h3 a class= csaf-accordion-toggle href= # CVE-2026-3356 /a /h3 div class= csaf-accordion-content p The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design rather than a deployment error. /p p a href= https://www.cve.org/CVERecord?id=CVE-2026-3356 View CVE Details /a /p hr h4 Affected Products /h4 h5 Anritsu Remote Spectrum Monitor /h5 div class= ics-vendor-version-status div class= ics-vendor strong Vendor: /strong br Anritsu /div div class= ics-version strong Product Version: /strong br Anritsu Remote Spectrum Monitor MS27100A: vers:all/*, Anritsu Remote Spectrum Monitor MS27101A: vers:all/*, Anritsu Remote Spectrum Monitor MS27102A: vers:all/*, Anritsu Remote Spectrum Monitor MS27103A: vers:all/* /div div class= ics-status strong Product Status: /strong br known_affected /div /div div class= ics-remediations h6 Remediations /h6 p strong Mitigation /strong br Anritsu has no plans to fix this issue. Anritsu recommends that users deploy Remote Spectrum Monitor within secure network environments to mitigate potential risks. /p p strong Mitigation /strong br Users can contact Anritsu Technical Support (1-800-267-4878) for more information. /p /div p strong Relevant CWE: /strong a hre

Sign in to read the full article

Create a free account to access all news, downloads, and community features

Sign inCreate account

Originally published by CISA

Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-090-01

This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.

Shared on IT-Hub by admin