CVE-2026-11848
Deferred Deferred - Pending Action
Missing Authentication in iRM-IEI Remote Management

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: TWCERT/CC

Description
The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-12
Last Modified
2026-06-12
Generated
2026-06-12
AI Q&A
2026-06-12
EPSS Evaluated
N/A
NVD
CVE-2026-11848
EUVD
EUVD-2026-36409
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
iei_integration_corp irm-iei_remote_management to 1.4.19 (exc)
iei_integration_corp irm-tsi410x to 1.4.19 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-11848 is a medium-severity vulnerability in IEI Integration Corp's iRM-IEI Remote Management software, specifically affecting the iRM-TSi410X model before version v1.4.19.

The vulnerability is a Missing Authentication flaw that allows unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information.

Impact Analysis

This vulnerability allows unauthenticated remote attackers to access partial system configuration information without authorization.

Such unauthorized access could potentially expose sensitive configuration details that might be leveraged for further attacks or to compromise system security.

Mitigation Strategies

The recommended immediate step to mitigate this vulnerability is to update the iRM-TSi410X software to version v1.4.19 or later.

Compliance Impact

The provided information does not specify how the CVE-2026-11848 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-11848. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart