CVE-2026-20764

Copeland XWEB and XWEB Pro OS Command Injection

Description

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by providing malicious input via the device hostname configuration which is later processed during system setup, resulting in remote code execution.

INFO

Published Date :

2026-02-27T00:56:47.460Z

Last Modified :

2026-03-02T14:28:10.662Z

Source :

icscert

AFFECTED PRODUCTS

The following products are affected by CVE-2026-20764 vulnerability.

Vendors	Products
Copeland	Copeland Xweb 300d Pro Copeland Xweb 500b Pro Copeland Xweb 500d Pro Xweb 300d Pro Xweb 300d Pro Firmware Xweb 500b Pro Xweb 500b Pro Firmware Xweb 500d Pro Xweb 500d Pro Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-20764.

URL	Resource
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-057-10.json
https://webapps.copeland.com/Dixell/Pages/SystemSoftwareUpdate
https://www.cisa.gov/news-events/ics-advisories/icsa-26-057-10

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact