CVE-2026-32962
Received
Received - Intake
Missing Authentication Allows Unauthorized Configuration on SD-330AC Devices
Publication date: 2026-04-20
Last updated on: 2026-04-22
Assigner: JPCERT/CC
Description
Description
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| silextechnology | sd-330ac_firmware | to 1.50 (exc) |
| silextechnology | amc_manager | to 5.1.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects the SD-330AC and AMC Manager devices provided by silex technology, Inc. It is caused by a missing authentication mechanism for critical functions, which means that the device configuration can be altered without requiring any authentication.
How can this vulnerability impact me? :
Because the device configuration can be changed without authentication, an attacker could potentially alter important settings on the affected devices. This could lead to unauthorized changes that might disrupt device operation or security.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70