CVE-2026-1633

Summary

The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web management interface without requiring authentication, allowing unauthenticated users to modify critical device settings or factory reset the device.

Affected Software

VendorProductVersion RangeStatus
SynectixLAN 232 TRIOAll versionsaffected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

Workarounds

The affected products should be considered end-of-life, as Synectix is no longer in business and therefore firmware fixes, mitigations and updates will be unavailable.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References