How is CVE-2026-14162 exploited?

Network reachability (required): The attacker must reach the application's HTTP endpoint over the network; no local or physical access is needed. Authentication (not-required): No credentials of any kind are required; the vulnerable URL is accessible to any unauthenticated caller. Victim interaction (not-required): The attacker makes a direct request to the target URL; no end-user action or social engineering is involved. Attack complexity (info): Exploitation is reliable and condition-free; no race conditions, memory layout dependencies, or environmental prerequisites apply.

What is the impact of CVE-2026-14162?

Reads full API documentation, exposing endpoint structures, parameter names, and any embedded credentials or tokens referenced in that documentation. Leverages disclosed API details to read sensitive patient or operational records stored by the application. Uses discovered API endpoints to modify persisted data such as queue entries, patient assignments, or configuration records. Sends crafted requests to disrupt or crash the queuing service, preventing hospital staff from managing patient flow.

Back to search

CRITICALCVE-2026-14162Published 2026-06-30Modified 2026-06-30CNA twcert

CVE-2026-14162: Advantech｜Hospital Quering Management - Missing Authentication

Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation.

CVSS v4.0: 9.3
Severity: CRITICAL
Fixed in: 1.2.13
Affected Products: 1

HarborGuard Analysis

Synopsis

Missing authentication in Advantech Hospital Queuing Management exposes a specific URL that returns full API documentation without any credentials. The vulnerability is reachable over the network by any unauthenticated attacker, requiring no user interaction or special privileges. Successful exploitation gives an attacker read access to sensitive data, the ability to tamper with data, and can disrupt service availability. A patched-image rebuild at version 1.2.13 is available on HarborGuard for environments running an affected version.

HarborGuard Coverage

Detection

Detection of CVE-2026-14162 is available across every HarborGuard environment; the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images in connected registries and CI/CD pipelines, including custom-built images derived from the affected Advantech base.

Available

Triage

Triage is available with the CVSS v4.0 score of 9.3 (Critical) applied automatically, weighted against each customer org's compliance policy to prioritize routing; alerts are dispatched to the appropriate team inbox within each customer environment based on configured ownership rules.

Available

Patch

A patched-image rebuild at version 1.2.13 is available on HarborGuard for any environment found running an affected release of Hospital Queuing Management. For customers who opt into auto-remediation, HarborGuard triggers a rebuild, runs a regression test suite against the new image, and opens a pull request against affected workloads.

Available

Exploit Conditions

Network reachabilityRequired
The attacker must reach the application's HTTP endpoint over the network; no local or physical access is needed.
AuthenticationNot required
No credentials of any kind are required; the vulnerable URL is accessible to any unauthenticated caller.
Victim interactionNot required
The attacker makes a direct request to the target URL; no end-user action or social engineering is involved.
Attack complexityDetail
Exploitation is reliable and condition-free; no race conditions, memory layout dependencies, or environmental prerequisites apply.

Blast Radius

Reads full API documentation, exposing endpoint structures, parameter names, and any embedded credentials or tokens referenced in that documentation.
Leverages disclosed API details to read sensitive patient or operational records stored by the application.
Uses discovered API endpoints to modify persisted data such as queue entries, patient assignments, or configuration records.
Sends crafted requests to disrupt or crash the queuing service, preventing hospital staff from managing patient flow.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-14162 activates automatically as part of each ingest cycle, flagging any image that packages an affected version of Advantech Hospital Queuing Management (below 1.2.13). Given the Critical severity and zero-interaction exploit path, this CVE is prioritized in HarborGuard's triage queue. Where compliance policy permits auto-remediation, HarborGuard initiates a rebuild against the 1.2.13 base, executes regression tests, and opens a pull request against affected workloads; median time from CVE publication to merged patch PR for critical-severity issues is around 90 minutes for environments with auto-remediation enabled. For environments where auto-remediation is not enabled, HarborGuard surfaces the finding with fix-version detail so teams can act manually. Until the patched image is deployed, consider applying network policy controls to restrict access to the affected service to known internal IP ranges only.

See how HarborGuard automates this

Fix available

1.2.13

Affected packages

Advantech / Hospital Quering Management
< 1.2.13 (from 0)

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References

Metrics

Get notified

HarborGuard Analysis

Synopsis

HarborGuard Coverage

Exploit Conditions

Blast Radius

How HarborGuard Handles This

Fix available