Description
An attacker with the ability to interact through the network and with access credentials, could, thanks to the unsecured (unencrypted) MQTT communications protocol, write on the server topics of the board that controls the MQTT communications
Published: 2026-01-07
Score: 8.9 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized modification of critical MQTT parameters
Action: Immediate Patch
AI Analysis

Impact

An attacker with network access and valid credentials can exploit unsecured MQTT communications to publish to server topics that control board operations, effectively modifying critical parameters. The flaw is classified as CWE-1366, indicating a lack of proper input validation or security misconfiguration that allows unauthorized configuration changes.

Affected Systems

EFACEC QC 60, QC 90, and QC 120 product lines are affected. No specific firmware version numbers are provided, so all current releases of these boards are potentially vulnerable.

Risk and Exploitability

The CVSS score of 8.9 indicates high severity, while an EPSS of less than 1% suggests the probability of exploitation is currently low. The vulnerability is not listed in CISA's KEV catalog. Exploitation would likely occur over the network, requiring the attacker to possess valid credentials to publish malicious configuration messages to the board's MQTT topics.

Generated by OpenCVE AI on April 18, 2026 at 08:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the EFACEC firmware update that encrypts MQTT traffic.
  • If an update is not available, enforce network segmentation to limit MQTT access to trusted devices and enable TLS encryption for all MQTT traffic.
  • Rotate all credentials that provide MQTT access to prevent exploitation through credential compromise.

Generated by OpenCVE AI on April 18, 2026 at 08:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://cds.thalesgroup.com/en cve-icon cve-icon
History

Thu, 08 Jan 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Efacec
Efacec qc 120
Efacec qc 60
Efacec qc 90
Vendors & Products Efacec
Efacec qc 120
Efacec qc 60
Efacec qc 90

Wed, 07 Jan 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 07 Jan 2026 17:00:00 +0000

Type Values Removed Values Added
Description An attacker with the ability to interact through the network and with access credentials, could, thanks to the unsecured (unencrypted) MQTT communications protocol, write on the server topics of the board that controls the MQTT communications
Title FRAIL SECURITY IN MQTT PROTOCOL ALLOWS AN ATTACKER MODIFY CRITICAL PARAMETERS
Weaknesses CWE-1366
References
Metrics cvssV4_0

{'score': 8.9, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}

Subscriptions

Efacec Qc 120 Qc 60 Qc 90
cve-icon MITRE

Status: PUBLISHED

Assigner: S21sec

Published:

Updated: 2026-01-07T16:59:20.174Z

Reserved: 2026-01-07T14:01:04.828Z

Link: CVE-2026-22535

cve-icon Vulnrichment

Updated: 2026-01-07T16:59:16.364Z

cve-icon NVD

Status : Deferred

Published: 2026-01-07T17:16:03.580

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-22535

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T08:15:15Z

Weaknesses