CVE-2026-25752
Unknown Unknown - Not Provided
Authorization Bypass in FUXA Allows Remote Device Tag Manipulation

Publication date: 2026-02-06

Last updated on: 2026-02-10

Assigner: GitHub, Inc.

Description
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An authorization bypass vulnerability in FUXA allows an unauthenticated, remote attacker to modify device tags via WebSockets. Exploitation allows an unauthenticated, remote attacker to bypass role-based access controls and overwrite arbitrary device tags or disable communication drivers, exposing connected ICS/SCADA environments to follow-on actions. This may allow an attacker to manipulate physical processes and disconnected devices from the HMI. This affects FUXA through version 1.2.9. This issue has been patched in FUXA version 1.2.10.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-06
Last Modified
2026-02-10
Generated
2026-06-16
AI Q&A
2026-02-06
EPSS Evaluated
2026-06-14
NVD
CVE-2026-25752
EUVD
EUVD-2026-5620
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
frangoteam fuxa to 1.2.10 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-25752 is a critical authorization bypass vulnerability in FUXA, a web-based Process Visualization software used in SCADA/HMI/Dashboard environments.

This flaw allows an unauthenticated remote attacker to modify device tags via WebSockets without any privilege or user interaction, effectively bypassing role-based access controls.

Because of this, attackers can overwrite arbitrary device tags or disable communication drivers, potentially manipulating physical processes and disconnected devices from the Human-Machine Interface (HMI).

The vulnerability affects FUXA versions up to 1.2.9 and has been patched in version 1.2.10.

Impact Analysis

Exploitation of this vulnerability can lead to unauthorized modification of device tags and disabling of communication drivers in ICS/SCADA environments.

This can allow attackers to manipulate physical processes and devices remotely, potentially causing disruption or damage to industrial control systems.

The impacts include high integrity and availability risks, meaning critical data can be altered and services can be disrupted.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

The vulnerability in FUXA allows unauthenticated remote attackers to bypass authorization and modify device tags via WebSockets, which can lead to manipulation of physical processes and disruption of ICS/SCADA environments.

To mitigate this vulnerability immediately, users should update FUXA to version 1.2.10 or later, where the issue has been patched.

Since the vulnerability affects all deployments regardless of the runtime setting `secureEnabled`, relying on configuration alone is insufficient.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-25752. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart