CVE-2026-24060

EUVD-2026-13840
Service information is not encrypted when transmitted as BACnet packets 
over the wire, and can be sniffed, intercepted, and modified by an 
attacker. Valuable information such as the File Start Position and File 
Data can be sniffed from network traffic using Wireshark's BACnet 
dissector filter. The proprietary format used by WebCTRL to receive 
updates from the PLC can also be sniffed and reverse engineered.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
icscertCNA
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-078-08.json
https://www.automatedlogic.com/en/company/security-commitment/
https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-08