CVE-2026-6348
Missing Authentication in WinMatrix Agent Enables SYSTEM Code Execution
Publication date: 2026-04-16
Last updated on: 2026-04-16
Assigner: TWCERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| simopro_technology | winmatrix_agent | From 3.5.13 (inc) to 3.5.26.15 (inc) |
| simopro_technology | winmatrix_agent | to 3.5.27.5 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The CVE-2026-6348 vulnerability allows authenticated local attackers to execute arbitrary code with SYSTEM privileges, impacting confidentiality, integrity, and availability of affected systems.
Such a compromise of confidentiality, integrity, and availability could negatively affect compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.
However, the provided information does not explicitly mention the impact on compliance with these standards or regulations.
Can you explain this vulnerability to me?
CVE-2026-6348 is a Missing Authentication vulnerability in the WinMatrix agent developed by Simopro Technology. It affects versions 3.5.13 through 3.5.26.15 of the software.
This flaw allows authenticated local attackersβthose who already have some level of access on the local machineβto execute arbitrary code with SYSTEM privileges. This means they can run any code they want with the highest level of permissions on the local machine.
Moreover, the vulnerability extends beyond the local machine, allowing attackers to execute code with SYSTEM privileges on all hosts within the environment where the WinMatrix agent is installed.
How can this vulnerability impact me? :
This vulnerability can have severe impacts because it allows an attacker with local authenticated access to gain SYSTEM-level control over the affected machine and all other hosts in the environment running the WinMatrix agent.
- Complete compromise of confidentiality, allowing unauthorized access to sensitive data.
- Integrity violations, as attackers can modify or delete data or system configurations.
- Availability disruptions, since attackers can execute arbitrary code that may disrupt or disable system functions.
Because the vulnerability allows code execution with SYSTEM privileges, it poses a critical risk to the security and stability of affected systems and networks.
What immediate steps should I take to mitigate this vulnerability?
The recommended immediate step to mitigate the CVE-2026-6348 vulnerability is to update the WinMatrix agent to version 3.5.27.5 or later.