CVE-2026-32968
Received Received - Intake
Remote Code Execution in com_mb24sysapi Module via OS Command Injection

Publication date: 2026-03-23

Last updated on: 2026-03-23

Assigner: CERT VDE

Description
Due to the improper neutralisation of special elements used in an OS command, an unauthenticated remote attacker can exploit an RCE vulnerability in the com_mb24sysapi module, resulting in full system compromise. This vulnerability is a variant attack for CVE-2020-10383.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-23
Last Modified
2026-03-23
Generated
2026-05-07
AI Q&A
2026-03-23
EPSS Evaluated
2026-05-05
NVD
CVE-2026-32968
EUVD
EUVD-2026-14404
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
mb_connect_line mbconnect24 to 2.19.3 (inc)
mb_connect_line mymbconnect24 to 2.19.3 (inc)
mb_connect_line mbconnect24 2.19.4
mb_connect_line mymbconnect24 2.19.4
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?

The recommended immediate step to mitigate this vulnerability is to update the affected devices to firmware version 2.19.4 or later.

This update addresses the Remote Code Execution vulnerability in the com_mb24sysapi module that allows unauthenticated remote attackers to execute arbitrary commands, leading to full system compromise.


Can you explain this vulnerability to me?

CVE-2026-32968 is a critical Remote Code Execution (RCE) vulnerability found in the com_mb24sysapi module of certain mbCONNECT24 and mymbCONNECT24 devices. It occurs because special elements used in operating system commands are not properly neutralized, allowing an unauthenticated remote attacker to execute arbitrary OS commands on the affected system.

This flaw leads to full system compromise, affecting the confidentiality, integrity, and availability of the device. It is a variant of a previously known vulnerability, CVE-2020-10383.


How can this vulnerability impact me? :

This vulnerability allows an unauthenticated remote attacker to execute arbitrary commands on the affected system, resulting in full system compromise.

  • Complete loss of confidentiality, as sensitive data can be accessed or leaked.
  • Complete loss of integrity, as the attacker can modify system files or data.
  • Complete loss of availability, as the attacker can disrupt or disable system operations.

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart