CVE 8.6 HIGH

Authenticated unintended access to critical program parameters_CVE-2026-10521

June 23, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters. This can result in a total loss of confidentiality, integrity and availability.

AI Analysis

High privileged remote access to modify critical program parameters, resulting in loss of confidentiality, integrity, and availability

Basic Information

ID CVE-2026-10521

Source CERTVDE

Published Jun 23, 2026 at 07:34

Affected Product

Vendor MB connect line

Product mbCONNECT24

Version 0.0.0, 2.20.1

Affected Versions MB connect line mbCONNECT24 0.0.0
MB connect line mymbCONNECT24 0.0.0
MB connect line mbCONNECT24 2.20.1
MB connect line mymbCONNECT24 2.20.1

CWE Classification

CWE-425

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor MB connect line

Product mbCONNECT24

Version 0.0.0, 2.20.1

References

www.certvde.com /en/advisories/VDE-2026-068/

{
    "lastseen": "",
    "description": "An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters. This can result in a total loss of confidentiality, integrity and availability.",
    "published": "2026-06-23T07:34:10.089Z",
    "modified": "2026-06-23T07:34:10.089Z",
    "type": "cve",
    "title": "Authenticated unintended access to critical program parameters",
    "source": "CERTVDE",
    "references": "https://www.certvde.com/en/advisories/VDE-2026-068/",
    "id": "CVE-2026-10521",
    "bulletinFamily": "",
    "cwe": [
        "CWE-425"
    ],
    "cvelist": null,
    "sourceData": "MB connect line mbCONNECT24 0.0.0\nMB connect line mymbCONNECT24 0.0.0\nMB connect line mbCONNECT24 2.20.1\nMB connect line mymbCONNECT24 2.20.1",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "mbCONNECT24",
    "version": "0.0.0, 2.20.1",
    "vendor": "MB connect line",
    "ai_description": "High privileged remote access to modify critical program parameters, resulting in loss of confidentiality, integrity, and availability",
    "ai_severity": "High",
    "ai_vendor": "MB connect line",
    "ai_product": "mbCONNECT24",
    "ai_version": "0.0.0, 2.20.1",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply