CVE-2026-23746
BaseFortify

Publication date: 2026-01-15

Last updated on: 2026-01-15

Assigner: VulnCheck

Description
Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service (DCG.SmartCardControllerService.exe). The service registers a TCP remoting channel with unsafe formatter/settings that permit untrusted remoting object invocation. A remote, unauthenticated attacker who can reach the remoting port can invoke exposed remoting objects to read arbitrary files from the server and coerce outbound authentication, and may achieve arbitrary file write and remote code execution via known .NET Remoting exploitation techniques. This can lead to disclosure of sensitive installation and service-account data and compromise of the affected host.
Meta Information
Published: 2026-01-15
Last Modified: 2026-01-15
Generated: 2026-05-27
AI Q&A: 2026-01-16
EPSS Evaluated: 2026-05-25
Affected Vendors & Products
Showing 2 associated CPEs

Vendor | Product | Version / Range
entrust | instant_financial_issuance | to 6.10.5 (exc)
entrust | instant_financial_issuance | to 6.11.1 (exc)
CWE
CWE ID | Description
CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
AI Powered Q&A
How can this vulnerability impact me?

This vulnerability can lead to severe impacts including disclosure of sensitive installation and service-account data, arbitrary file read and write on the server, forced outbound authentication, and remote code execution. Ultimately, it can result in full compromise of the affected host, allowing attackers to control or disrupt the system. [1]


Can you explain this vulnerability to me?

CVE-2026-23746 is a critical vulnerability in Entrust Instant Financial Issuance (IFI) On Premise software versions 5.x, prior to 6.10.5, and prior to 6.11.1. It exists in the SmartCardController service, which exposes an insecure .NET Remoting interface. The service registers a TCP remoting channel with unsafe formatter settings that allow untrusted remote object invocation without authentication. A remote attacker who can reach the remoting port can therefore invoke exposed objects to read arbitrary files, force outbound authentication, and potentially write files or execute code remotely on the affected server. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying if the SmartCardController service (DCG.SmartCardControllerService.exe) is running and exposing a .NET Remoting TCP channel with unsafe formatter settings. Network scanning tools can be used to detect open TCP ports associated with the remoting service. Specific commands are not provided in the resources, but generally, you can use tools like 'netstat' to check for listening TCP ports on the host, and 'nmap' to scan for open remoting ports remotely. Additionally, inspecting running processes for DCG.SmartCardControllerService.exe can help confirm the presence of the vulnerable service. [1]
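
A host-side version of the check described above, as an added example that is not taken from the advisory or from Entrust. Only the executable name comes from this page; the remoting port is not published here, so the script discovers the listeners owned by the process instead of assuming a port number. The function name and output fields are illustrative.

```powershell
# Added example: find the SmartCardController process and the TCP listeners it owns.
# Run in an elevated PowerShell session on the IFI server.
$exeName = 'DCG.SmartCardControllerService.exe'   # executable name from the advisory

function Get-IfiRemotingExposure {
    param([string]$ImageName = $exeName)

    # Match on the process image name rather than a service display name,
    # which the advisory does not give.
    $procs = Get-CimInstance Win32_Process -Filter "Name = '$ImageName'"
    if (-not $procs) {
        Write-Verbose "$ImageName is not running on $env:COMPUTERNAME"
        return @()
    }

    foreach ($p in $procs) {
        # Every listening TCP socket owned by this process is a candidate remoting channel.
        $listeners = Get-NetTCPConnection -State Listen -OwningProcess $p.ProcessId `
                         -ErrorAction SilentlyContinue
        foreach ($l in $listeners) {
            # A listener bound only to loopback is not reachable from other hosts.
            $loopbackOnly = $l.LocalAddress -in @('127.0.0.1', '::1')
            [pscustomobject]@{
                Computer            = $env:COMPUTERNAME
                ProcessId           = $p.ProcessId
                ImagePath           = $p.ExecutablePath
                LocalAddress        = $l.LocalAddress
                LocalPort           = $l.LocalPort
                BoundBeyondLoopback = -not $loopbackOnly
            }
        }
    }
}

$findings = Get-IfiRemotingExposure
if ($findings) {
    $findings | Format-Table -AutoSize
} else {
    'No TCP listeners owned by the SmartCardController service were found.'
}
```

Each row with `BoundBeyondLoopback` set to `True` identifies a port to place behind firewall rules until the host is upgraded.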


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading Entrust Instant Financial Issuance (IFI) On Premise software to version 6.10.5 or later, or 6.11.1 or later, where the vulnerability is fixed. Until the upgrade can be applied, restrict network access to the remoting port used by the SmartCardController service to trusted hosts only, and consider disabling the service if it is not required. Applying network-level controls such as firewall rules to block unauthenticated remote access to the remoting port can reduce the risk of exploitation. [1]

