CRITICALCVE-2026-3356Published Modified CNA icscert
CVE-2026-3356: Missing Authentication for Critical Function vulnerability in Anritsu Remote Spectrum Monitor
The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design rather than a deployment error.
Metrics
- CVSS v4.0
- 9.3
- Severity
- CRITICAL
- Fixed in
- —
- Affected Products
- 4
Affected packages
- Anritsu / Remote Spectrum Monitor MS27100AAll versions
- Anritsu / Remote Spectrum Monitor MS27101AAll versions
- Anritsu / Remote Spectrum Monitor MS27102AAll versions
- Anritsu / Remote Spectrum Monitor MS27103AAll versions
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences