CVE-2026-11848
Deferred Deferred - Pending Action

Missing Authentication in iRM-IEI Remote Management

Vulnerability report for CVE-2026-11848, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: TWCERT/CC

Description

The iRM-IEI Remote Management developed by IEI Integration Corp has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-12
Last Modified
2026-06-12
Generated
2026-07-02
AI Q&A
2026-06-12
EPSS Evaluated
2026-07-01
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
iei_integration_corp irm-iei_remote_management to 1.4.19 (exc)
iei_integration_corp irm-tsi410x to 1.4.19 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-11848 is a medium-severity vulnerability in IEI Integration Corp's iRM-IEI Remote Management software, specifically affecting the iRM-TSi410X model before version v1.4.19.

The vulnerability is a Missing Authentication flaw that allows unauthenticated remote attackers to exploit a specific functionality to obtain partial system configuration information.

Impact Analysis

This vulnerability allows unauthenticated remote attackers to access partial system configuration information without authorization.

Such unauthorized access could potentially expose sensitive configuration details that might be leveraged for further attacks or to compromise system security.

Mitigation Strategies

The recommended immediate step to mitigate this vulnerability is to update the iRM-TSi410X software to version v1.4.19 or later.

Compliance Impact

The provided information does not specify how the CVE-2026-11848 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-11848. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart