CVE-2026-3893

Summary

The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with network access to directly access and modify its configuration and operational functions without needing credentials.

Affected Software

VendorProductVersion RangeStatus
Carlson SoftwareVASCO-B GNSS Receiver0 < 1.4.0affected
Carlson SoftwareVASCO-B GNSS Receiver1.4.0unaffected

Weaknesses

  • CWE-306: CWE-306

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References