{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22544", "assignerOrgId": "50b5080a-775f-442e-83b5-926b5ca517b6", "state": "PUBLISHED", "assignerShortName": "S21sec", "dateReserved": "2026-01-07T14:01:04.829Z", "datePublished": "2026-01-07T16:23:08.550Z", "dateUpdated": "2026-01-07T16:38:40.422Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "QC 60/90/120", "vendor": "EFACEC", "versions": [{"status": "affected", "version": "8"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Aar\u00f3n Flecha Men\u00e9ndez"}, {"lang": "en", "type": "finder", "value": "Iv\u00e1n Alonso \u00c1lvarez"}, {"lang": "en", "type": "finder", "value": "V\u00edctor Bello Cuevas"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An attacker with a network connection could detect credentials in clear text."}], "value": "An attacker with a network connection could detect credentials in clear text."}], "impacts": [{"capecId": "CAPEC-117", "descriptions": [{"lang": "en", "value": "CAPEC-117 Interception"}]}, {"capecId": "CAPEC-94", "descriptions": [{"lang": "en", "value": "CAPEC-94: Man in the Middle Attack"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "50b5080a-775f-442e-83b5-926b5ca517b6", "shortName": "S21sec", "dateUpdated": "2026-01-07T16:23:08.550Z"}, "references": [{"url": "https://cds.thalesgroup.com/en"}], "source": {"discovery": "UNKNOWN"}, "tags": ["x_MQTT", "x_Charger", "x_ICS"], "title": "EXCHANGE OF CREDENTIALS IN CLEAR TEXT", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-07T16:38:01.414730Z", "id": "CVE-2026-22544", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T16:38:40.422Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22544", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-07T16:38:01.414730Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T16:38:08.886Z"}}], "cna": {"tags": ["x_MQTT", "x_Charger", "x_ICS"], "title": "EXCHANGE OF CREDENTIALS IN CLEAR TEXT", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Aar\u00f3n Flecha Men\u00e9ndez"}, {"lang": "en", "type": "finder", "value": "Iv\u00e1n Alonso \u00c1lvarez"}, {"lang": "en", "type": "finder", "value": "V\u00edctor Bello Cuevas"}], "impacts": [{"capecId": "CAPEC-117", "descriptions": [{"lang": "en", "value": "CAPEC-117 Interception"}]}, {"capecId": "CAPEC-94", "descriptions": [{"lang": "en", "value": "CAPEC-94: Man in the Middle Attack"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "EFACEC", "product": "QC 60/90/120", "versions": [{"status": "affected", "version": "8"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://cds.thalesgroup.com/en"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "An attacker with a network connection could detect credentials in clear text.", "supportingMedia": [{"type": "text/html", "value": "An attacker with a network connection could detect credentials in clear text.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information"}]}], "providerMetadata": {"orgId": "50b5080a-775f-442e-83b5-926b5ca517b6", "shortName": "S21sec", "dateUpdated": "2026-01-07T16:23:08.550Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22544", "state": "PUBLISHED", "dateUpdated": "2026-01-07T16:38:40.422Z", "dateReserved": "2026-01-07T14:01:04.829Z", "assignerOrgId": "50b5080a-775f-442e-83b5-926b5ca517b6", "datePublished": "2026-01-07T16:23:08.550Z", "assignerShortName": "S21sec"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An attacker with a network connection could detect credentials in clear text."}, {"lang": "es", "value": "Un atacante con una conexi\u00f3n de red podr\u00eda detectar credenciales en texto claro."}], "id": "CVE-2026-22544", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "50b5080a-775f-442e-83b5-926b5ca517b6", "type": "Secondary"}]}, "published": "2026-01-07T17:16:04.207", "references": [{"source": "50b5080a-775f-442e-83b5-926b5ca517b6", "url": "https://cds.thalesgroup.com/en"}], "sourceIdentifier": "50b5080a-775f-442e-83b5-926b5ca517b6", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-319"}], "source": "50b5080a-775f-442e-83b5-926b5ca517b6", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T08:08:29.677215+00:00", "value": {"mitigation_remediation": ["Upgrade the EFACEC QC firmware to a version that encrypts credential transmission (check the vendor\u2019s release notes for the fix).", "Reconfigure the system to use TLS or another secure authentication protocol, thereby preventing clear\u2011text credential exchange.", "Implement network monitoring or intrusion detection to alert on the presence of clear\u2011text credential traffic, and block or quarantine such connections."], "summary": {"action": "Patch", "impact": "Credential theft via clear\u2011text transmission"}, "threat_synthesis": {"affected_systems": "The affected product is the EFACEC QC series (models 60, 90, and 120). No specific firmware or software version numbers are provided in the data.", "description_and_impact": "The vulnerability allows an attacker who can observe network traffic to detect credentials transmitted in clear text. This disclosure exposes user authentication information, enabling credential compromise and potential unauthorized access. The weakness aligns with CWE\u2011319, a clear\u2011text transmission issue that directly attacks confidentiality.", "risk_and_exploitability": "The CVSS score of 8.7 indicates a high severity due to the loss of confidentiality, while the EPSS score of less than 1% suggests a low but non\u2011zero likelihood of exploitation. The vulnerability is not currently listed in the CISA KEV catalog. Exploitation requires an attacker with direct network connectivity to the device, typically via a man\u2011in\u2011the\u2011middle position or insider access, to capture the clear\u2011text credentials as they are exchanged. Proper network segmentation and the use of encrypted channels would mitigate the exploitation vector."}}}}, "created": "2026-04-18T08:15:15.888954+00:00", "updated": "2026-04-18T08:15:15.888967+00:00", "vendors": []}