CVE-2026-22097

Summary

The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability to upload arbitrary files which can then lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
EVbeeDC-800 < 1.5.1affected

Weaknesses

  • CWE-347: CWE-347

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References