CVE-2026-2491
Awaiting Analysis Awaiting Analysis - Queue
Authentication Bypass in Socomec DIRIS A-40 HTTP API

Publication date: 2026-03-16

Last updated on: 2026-03-16

Assigner: Zero Day Initiative

Description
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web API implementation, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-23993.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-03-16
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-14
NVD
CVE-2026-2491
EUVD
EUVD-2026-12107
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
socomec diris_a-40 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-2491 is an authentication bypass vulnerability in Socomec DIRIS A-40 power monitoring devices. The flaw exists in the device's HTTP web API, which listens on TCP port 80 by default. Because the API does not enforce authentication before granting access to certain functions, a network-adjacent attacker can exploit this vulnerability without needing any credentials."}, {'type': 'paragraph', 'content': "This means an attacker connected to the same network can bypass authentication controls and gain unauthorized access to the device's API."}] [1]

Impact Analysis

Exploitation of this vulnerability allows an attacker to bypass authentication on the affected device, potentially leading to unauthorized access.

The CVSS score of 6.3 indicates a moderate severity, with impacts on confidentiality, integrity, and availability to a limited extent.

  • Confidentiality impact: Limited exposure of sensitive information.
  • Integrity impact: Potential unauthorized modification of device data or settings.
  • Availability impact: Possible disruption or degradation of device functionality.
Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability affects the Socomec DIRIS A-40 power monitoring devices' HTTP API, which listens on TCP port 80 by default. Detection can be performed by scanning your network for devices with open TCP port 80 that identify as Socomec DIRIS A-40."}, {'type': 'paragraph', 'content': "To detect the vulnerability, you can attempt to access the device's HTTP API endpoints without authentication and observe if access is granted."}, {'type': 'list_item', 'content': 'Use nmap to scan for devices with port 80 open: nmap -p 80 --open -sV <target-network>'}, {'type': 'list_item', 'content': "Use curl or wget to send HTTP requests to the device's API endpoints without authentication and check for responses indicating access: curl http://<device-ip>/api/endpoint"}] [1]

Mitigation Strategies

Immediate mitigation steps include applying the update released by Socomec that addresses and fixes this authentication bypass vulnerability.

Until the update can be applied, restrict network access to the affected devices, especially limiting access to TCP port 80 to trusted network segments or administrators only.

Consider placing the devices behind a firewall or VPN to prevent unauthorized network-adjacent attackers from reaching the vulnerable HTTP API.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2491. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart