CVE-2026-1633
Unauthenticated Access in Synectix LAN 232 TRIO Web Interface
Publication date: 2026-02-04
Last updated on: 2026-02-04
Assigner: ICS-CERT
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| synectix | lan_232_trio | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability affects the Synectix LAN 232 TRIO 3-Port serial to ethernet adapter by exposing its web management interface without requiring any authentication.
This means that anyone, even without credentials, can access the device's management interface.
As a result, unauthenticated users can modify critical device settings or perform a factory reset on the device.
How can this vulnerability impact me? :
This vulnerability can have severe impacts because it allows attackers to change important device configurations or reset the device to factory settings without any restrictions.
Such unauthorized modifications can disrupt network operations, cause loss of data or device functionality, and potentially open the network to further attacks.
Given the CVSS score of 10.0, this is a critical vulnerability with high potential for confidentiality, integrity, and availability impacts.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web management interface without requiring authentication. Detection can focus on identifying devices exposing this interface on the network.
- Scan the network for devices with open web management ports (commonly port 80 or 443) using tools like nmap.
- Use the command: nmap -p 80,443 --open -sV <target_network> to identify devices with open HTTP/HTTPS ports.
- Attempt to access the web management interface of identified devices to check if authentication is required.
- Look for devices identified as Synectix LAN 232 TRIO or similar serial to ethernet adapters by checking device banners or service fingerprints.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the web management interface to trusted networks or hosts only.
- Place the device management interface behind a firewall or VPN to prevent unauthenticated external access.
- If possible, disable the web management interface or change its configuration to require authentication.
- Monitor network traffic for unauthorized access attempts to the device.
- Consider isolating the device on a separate management VLAN to limit exposure.