CVE-2026-3323

VEGA: Privilege escalation through unsecured configuration interface in VEGAPULS devices

Description

An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes.

INFO

Published Date :

2026-04-28T10:24:19.411Z

Last Modified :

2026-04-28T10:24:19.411Z

Source :

CERTVDE

AFFECTED PRODUCTS

The following products are affected by CVE-2026-3323 vulnerability.

Vendors	Products
Vega	Vegapuls6x Pn Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-3323.

URL	Resource
https://certvde.com/en/advisories/VDE-2026-016
https://vega.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-016.json

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact