CVE-2026-11845

Summary

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute them on the device.

Affected Software

VendorProductVersion RangeStatus
IEI Integration CorpiVEC TANK-XM8110 < 1.0.4affected

Weaknesses

  • CWE-78: CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References