The MS27102A Remote Spectrum Monitor is afflicted by an authentication bypass that permits any network user to gain full control of the device’s management interface. The vendors lack any mechanism to enforce authentication or to make it configurable, making the flaw inherent to the device’s design. Consequently an attacker can modify settings, view sensitive data, and potentially disrupt normal operation, resulting in loss of confidentiality, integrity, and availability. This weakness aligns with CWE-306, missing authentication for a critical function.

Affected vendors and products are Anritsu Remote Spectrum Monitor models MS27100A, MS27101A, MS27102A, and MS27103A. Specific version numbers are not disclosed, but all devices of these series share the same design flaw. The vulnerability applies to each of these monitors wherever they are connected to a network.

With a CVSS score of 9.3, this vulnerability is rated critical. The EPSS score is unavailable, and the flaw is not listed in the CISA KEV catalog, but the lack of authentication makes exploitation straightforward over the network. The likely attack vector is remote access via the device’s open management interface, which can be reached from within a local network or over any otherwise trusted connection. Because no patch is offered, the recommendation is to restrict connectivity to the device and place it in a hardened environment.