CVE-2026-24498

Summary

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypass.This issue affects ipTIME T5008: through 15.26.8; ipTIME AX2004M: through 15.26.8; ipTIME AX3000Q: through 15.26.8; ipTIME AX6000M: through 15.26.8.

Affected Software

VendorProductVersion RangeStatus
EFM-Networks, Inc.ipTIME T50080 <= 15.26.8affected
EFM-Networks, Inc.ipTIME AX2004M0 <= 15.26.8affected
EFM-Networks, Inc.ipTIME AX3000Q0 <= 15.26.8affected
EFM-Networks, Inc.ipTIME AX6000M0 <= 15.26.8affected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References