CVE Catalog

CVE-2026-8980

Critical
Published: Translated: NVD NIST

Summary

The Mennekes Amtron series (firmware versions ≤ 5.22.3) is vulnerable to privilege escalation. An authenticated low-privileged user can change the passwords of the admin (operator) and manufacturer accounts via crafted POST requests.

Risk Assessment

This vulnerability may lead to unauthorized access to higher-privileged accounts, posing a significant security risk to the system.

Recommendation

It is recommended to update the firmware to the latest version to mitigate this vulnerability and to monitor logs for potential privilege escalation attempts.

Original NVD description (English source)

The Mennekes Amtron series (firmware versions ≤ 5.22.3) is vulnerable to privilege escalation. An authenticated low-privileged user can change the passwords of the admin (operator) and manufacturer accounts via crafted POST requests.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS