{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20761", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2026-02-12T00:19:51.025Z", "datePublished": "2026-02-20T15:32:09.969Z", "dateUpdated": "2026-02-20T20:09:15.218Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SmartServer IoT", "vendor": "EnOcean Edge Inc", "versions": [{"lessThanOrEqual": "4.60.009", "status": "affected", "version": "0", "versionType": "custom"}, {"status": "unaffected", "version": "4.60.023"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Amir Zaltzman of Claroty Team82 reported these vulnerabilities to CISA."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and \nprior, which would allow remote attackers, in the LON IP-852 management \nmessages, to send specially crafted IP-852 messages resulting in \narbitrary OS command execution on the device."}], "value": "A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and \nprior, which would allow remote attackers, in the LON IP-852 management \nmessages, to send specially crafted IP-852 messages resulting in \narbitrary OS command execution on the device."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2026-02-20T15:36:32.746Z"}, "references": [{"url": "https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#Current-Stable-Release"}, {"url": "https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-050-01"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-01.json"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "EnOcean recommends users update the SmartServer platform software to \nSmartServer 4.6 Update 2 (v4.60.023) or a later release at \n<a target=\"_blank\" rel=\"nofollow\" href=\"https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#Current-Stable-Release\">https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#...</a>.\n\n<br>"}], "value": "EnOcean recommends users update the SmartServer platform software to \nSmartServer 4.6 Update 2 (v4.60.023) or a later release at \n https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#... https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#Current-Stable-Release ."}], "source": {"advisory": "ICSA-26-050-01", "discovery": "EXTERNAL"}, "title": "EnOcean SmartServer IoT Command Injection", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "For additional mitigations and workarounds, refer to EnOcean's hardening\n guide at \n<a target=\"_blank\" rel=\"nofollow\" href=\"https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security\">https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security</a>.\n\n<br>"}], "value": "For additional mitigations and workarounds, refer to EnOcean's hardening\n guide at \n https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security ."}], "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-20T20:07:47.196222Z", "id": "CVE-2026-20761", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T20:09:15.218Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20761", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-20T20:07:47.196222Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T20:08:48.192Z"}}], "cna": {"title": "EnOcean SmartServer IoT Command Injection", "source": {"advisory": "ICSA-26-050-01", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Amir Zaltzman of Claroty Team82 reported these vulnerabilities to CISA."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "EnOcean Edge Inc", "product": "SmartServer IoT", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "4.60.009"}, {"status": "unaffected", "version": "4.60.023"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "EnOcean recommends users update the SmartServer platform software to \nSmartServer 4.6 Update 2 (v4.60.023) or a later release at \n https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#... https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#Current-Stable-Release .", "supportingMedia": [{"type": "text/html", "value": "EnOcean recommends users update the SmartServer platform software to \nSmartServer 4.6 Update 2 (v4.60.023) or a later release at \n<a target=\"_blank\" rel=\"nofollow\" href=\"https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#Current-Stable-Release\">https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#...</a>.\n\n<br>", "base64": false}]}], "references": [{"url": "https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#Current-Stable-Release"}, {"url": "https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-050-01"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-01.json"}], "workarounds": [{"lang": "en", "value": "For additional mitigations and workarounds, refer to EnOcean's hardening\n guide at \n https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security .", "supportingMedia": [{"type": "text/html", "value": "For additional mitigations and workarounds, refer to EnOcean's hardening\n guide at \n<a target=\"_blank\" rel=\"nofollow\" href=\"https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security\">https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security</a>.\n\n<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and \nprior, which would allow remote attackers, in the LON IP-852 management \nmessages, to send specially crafted IP-852 messages resulting in \narbitrary OS command execution on the device.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and \nprior, which would allow remote attackers, in the LON IP-852 management \nmessages, to send specially crafted IP-852 messages resulting in \narbitrary OS command execution on the device.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2026-02-20T15:36:32.746Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20761", "state": "PUBLISHED", "dateUpdated": "2026-02-20T20:09:15.218Z", "dateReserved": "2026-02-12T00:19:51.025Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2026-02-20T15:32:09.969Z", "assignerShortName": "icscert"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and \nprior, which would allow remote attackers, in the LON IP-852 management \nmessages, to send specially crafted IP-852 messages resulting in \narbitrary OS command execution on the device."}, {"lang": "es", "value": "Una vulnerabilidad existe en EnOcean SmartServer IoT versi\u00f3n 4.60.009 y anteriores, lo que permitir\u00eda a atacantes remotos, en los mensajes de gesti\u00f3n LON IP-852, enviar mensajes IP-852 especialmente dise\u00f1ados, resultando en la ejecuci\u00f3n arbitraria de comandos del sistema operativo en el dispositivo."}], "id": "CVE-2026-20761", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2026-02-20T16:22:32.243", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#Current-Stable-Release"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-01.json"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-050-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.60.009]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "4.60.023"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "SmartServer IoT", "source": "cna", "vendor": "EnOcean Edge Inc"}, "product": "smartserver_iot", "vendor": "enocean_edge"}], "analysis": {"en": {"generated_at": "2026-04-17T17:28:00.778761+00:00", "value": {"mitigation_remediation": ["Upgrade SmartServer platform to version 4.60.023 or later as recommended by EnOcean.", "Apply the hardening configurations described in EnOcean's hardening guide.", "Restrict LON IP\u2011852 management traffic to trusted networks or disable it if not required."], "summary": {"action": "Immediate Patch", "impact": "Remote OS Command Execution"}, "threat_synthesis": {"affected_systems": "EnOcean Edge Inc SmartServer IoT devices, specifically those with SmartServer platform versions 4.60.009 or earlier, are affected. The flaw exists in the LON IP\u2011852 management interface delivered with those firmware releases.", "description_and_impact": "EnOcean SmartServer IoT devices running versions 4.60.009 and earlier are vulnerable to an arbitrary OS command injection via crafted LON IP-852 management messages. The flaw allows remote attackers to execute any command on the device, compromising confidentiality, integrity, and availability. The vulnerability is a classic input-to-command injection (CWE-77).", "risk_and_exploitability": "The CVSS score of 8.1 indicates a high risk, but the EPSS indicates an exploitation probability of less than 1%, reflecting a low likelihood of attacks at present. The flaw is not listed in the CISA KEV catalog. Exploitation requires remote network access to the LON IP\u2011852 management channel, meaning an attacker must be able to send specially crafted packets to the device. Once accessed, the attacker can run arbitrary commands, giving full control of the device."}}}}, "created": "2026-02-23T14:46:55.079230+00:00", "updated": "2026-04-17T17:30:23.867604+00:00", "vendors": ["enocean_edge", "enocean_edge$PRODUCT$smartserver_iot"]}