{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1632", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2026-01-29T16:00:44.404Z", "datePublished": "2026-02-03T22:59:32.539Z", "dateUpdated": "2026-02-04T20:17:57.156Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "MOMA Seismic Station", "vendor": "RISS SRL", "versions": [{"lessThanOrEqual": "Version v2.4.2520", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Souvik Kandar reported this vulnerability to CISA"}], "datePublic": "2026-02-03T19:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device."}], "value": "MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2026-02-03T22:59:32.539Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-034-03"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-03.json"}], "source": {"advisory": "ICSA-26-034-03", "discovery": "EXTERNAL"}, "title": "RISS SRL MOMA Seismic Station Missing Authentication for Critical Function", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "RISS SRL did not respond to CISA's request for coordination. Users of \nRISS MOMA Seismic Station are encouraged to contact RISS SRL \n(info@riss-srl.com) for more information.\n\n<br>"}], "value": "RISS SRL did not respond to CISA's request for coordination. Users of \nRISS MOMA Seismic Station are encouraged to contact RISS SRL \n(info@riss-srl.com) for more information."}], "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-04T20:17:47.811407Z", "id": "CVE-2026-1632", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-04T20:17:57.156Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1632", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-04T20:17:47.811407Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-04T20:17:53.757Z"}}], "cna": {"title": "RISS SRL MOMA Seismic Station Missing Authentication for Critical Function", "source": {"advisory": "ICSA-26-034-03", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Souvik Kandar reported this vulnerability to CISA"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "RISS SRL", "product": "MOMA Seismic Station", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "Version v2.4.2520"}], "defaultStatus": "unaffected"}], "datePublic": "2026-02-03T19:00:00.000Z", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-034-03"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-03.json"}], "workarounds": [{"lang": "en", "value": "RISS SRL did not respond to CISA's request for coordination. Users of \nRISS MOMA Seismic Station are encouraged to contact RISS SRL \n(info@riss-srl.com) for more information.", "supportingMedia": [{"type": "text/html", "value": "RISS SRL did not respond to CISA's request for coordination. Users of \nRISS MOMA Seismic Station are encouraged to contact RISS SRL \n(info@riss-srl.com) for more information.\n\n<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device.", "supportingMedia": [{"type": "text/html", "value": "MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2026-02-03T22:59:32.539Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1632", "state": "PUBLISHED", "dateUpdated": "2026-02-04T20:17:57.156Z", "dateReserved": "2026-01-29T16:00:44.404Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2026-02-03T22:59:32.539Z", "assignerShortName": "icscert"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device."}, {"lang": "es", "value": "La Estaci\u00f3n S\u00edsmica MOMA Versi\u00f3n v2.4.2520 y anteriores expone su interfaz de gesti\u00f3n web sin requerir autenticaci\u00f3n, lo que podr\u00eda permitir a un atacante no autenticado modificar la configuraci\u00f3n, adquirir datos del dispositivo o reiniciar el dispositivo de forma remota."}], "id": "CVE-2026-1632", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2026-02-03T23:16:06.457", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-03.json"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-034-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-17T23:58:37.828059+00:00", "value": {"mitigation_remediation": ["Contact RISS SRL to obtain and install a firmware update that implements authentication on the web management interface.", "Restrict external network access to the web interface by configuring firewalls or VLAN segmentation to allow only trusted IP addresses.", "Enable or enforce internal network access controls to ensure that only authorized administrative users can reach the MOMA interface.", "Monitor configuration files and device logs for unauthorized changes or reset attempts to detect exploitation early."], "summary": {"action": "Contact Vendor", "impact": "Remote configuration manipulation"}, "threat_synthesis": {"affected_systems": "Vendors affected are RISS SRL, product MOMA Seismic Station, specifically versions v2.4.2520 and all earlier releases.", "description_and_impact": "The vulnerability allows an attacker who can reach the web management interface of MOMA Seismic Station to perform actions without authenticating. An unauthenticated user can alter configuration settings, retrieve device data, or reset the device remotely, potentially disrupting monitoring operations and compromising the integrity of seismic data. The weakness is a missing authentication check, identified as CWE-306.", "risk_and_exploitability": "The CVSS base score of 9.3 indicates critical severity, yet the EPSS score of less than 1% suggests that, at present, exploitation attempts are rare. The vulnerability is not cataloged in CISA\u2019s KEV list. Likely attack vector is an unauthenticated network attacker accessing the web interface, which may require that the device is reachable from the attacker\u2019s network or that the victim\u2019s internal network is compromised. Bypassing authentication provides full control over the station\u2019s configuration and operations, and thus poses a high risk to the availability and integrity of seismic monitoring services."}}}}, "created": "2026-02-04T12:05:35.698669+00:00", "updated": "2026-04-18T00:00:09.494885+00:00", "vendors": ["riss_srl", "riss_srl$PRODUCT$moma_seismic_station"]}