CVE-2026-40852
Deferred Deferred - Pending Action
Authenticated Config Generator Code Execution in Industrial Device

Publication date: 2026-05-27

Last updated on: 2026-05-27

Assigner: CERT VDE

Description
A highly authenticated attacker can alter the config generator injecting a payload into future created configurations. The device is not correctly checking this configuration value before passing it to an system execute leading to code execution. This can result in a total loss of confidentiality, integrity and availability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-05-27
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-40852
EUVD
EUVD-2026-32151
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
mb_connect_line mbnet 8.4.5
mb_connect_line mbnet_rokey 8.4.5
mb_connect_line mbnet_mini 3.0.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability allows a highly authenticated attacker to modify the configuration generator by injecting a malicious payload into configurations that will be created in the future.

The device fails to properly validate this configuration value before executing it in the system, which leads to arbitrary code execution.

Compliance Impact

This vulnerability can lead to a total loss of confidentiality, integrity, and availability due to code execution caused by improper configuration validation.

Such a loss of security properties can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.

Mitigation Strategies

The provided resources do not contain specific mitigation steps or commands for CVE-2026-40852.

However, since the vulnerability involves an attacker altering the config generator to inject payloads, it is advisable to ensure that only highly authenticated and trusted users have access to configuration interfaces.

Monitoring and restricting access to configuration generation features and applying any available firmware updates or patches from the vendor are general best practices.

Impact Analysis

Exploitation of this vulnerability can result in a total loss of confidentiality, integrity, and availability of the affected system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-40852. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart