{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27519", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-02-19T19:51:07.329Z", "datePublished": "2026-02-24T15:07:10.410Z", "dateUpdated": "2026-02-27T16:27:19.626Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "10G08-0800GSM Network Switch", "vendor": "Binardat Ltd.", "versions": [{"lessThanOrEqual": "V300SP10260209", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Binardat 10G08-0800GSM network switch firmware version&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">V300SP10260209 and prior</span> use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections."}], "value": "Binardat 10G08-0800GSM network switch firmware version\u00a0V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-321", "description": "CWE-321 Use of Hard-coded Cryptographic Key", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-327", "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-02-24T15:07:10.410Z"}, "references": [{"tags": ["product"], "url": "https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch"}, {"tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-hard-coded-rc4-encryption-key"}], "source": {"discovery": "EXTERNAL"}, "title": "Binardat 10G08-0800GSM Network Switch Hard-coded RC4 Encryption Key", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-27T16:26:16.359728Z", "id": "CVE-2026-27519", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-27T16:27:19.626Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27519", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-27T16:26:16.359728Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-27T16:26:24.534Z"}}], "cna": {"title": "Binardat 10G08-0800GSM Network Switch Hard-coded RC4 Encryption Key", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc."}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Binardat Ltd.", "product": "10G08-0800GSM Network Switch", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "V300SP10260209"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-hard-coded-rc4-encryption-key", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Binardat 10G08-0800GSM network switch firmware version\u00a0V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections.", "supportingMedia": [{"type": "text/html", "value": "Binardat 10G08-0800GSM network switch firmware version&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">V300SP10260209 and prior</span> use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-321", "description": "CWE-321 Use of Hard-coded Cryptographic Key"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-327", "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-02-24T15:07:10.410Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27519", "state": "PUBLISHED", "dateUpdated": "2026-02-27T16:27:19.626Z", "dateReserved": "2026-02-19T19:51:07.329Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-02-24T15:07:10.410Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:binardat:10g08-0800gsm_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB8E3245-044C-496C-9521-04CE9E097A74", "versionEndIncluding": "V300SP10260209", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:binardat:10g08-0800gsm:-:*:*:*:*:*:*:*", "matchCriteriaId": "466EE3BA-33F8-476B-A66B-02FC3B93CB00", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Binardat 10G08-0800GSM network switch firmware version\u00a0V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections."}], "id": "CVE-2026-27519", "lastModified": "2026-02-25T17:25:22.070", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-02-24T16:24:09.607", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-hard-coded-rc4-encryption-key"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-321"}, {"lang": "en", "value": "CWE-327"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,V300SP10260209]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "10G08-0800GSM Network Switch", "source": "cna", "vendor": "Binardat Ltd."}, "product": "10g08-0800gsm_network_switch", "vendor": "binardat"}], "analysis": {"en": {"generated_at": "2026-04-17T15:45:05.656820+00:00", "value": {"mitigation_remediation": ["Obtain and install an updated firmware release that removes the hard\u2011coded RC4 key or replaces it with a stronger encryption mechanism.", "If an upgrade is not immediately available, disable the management features that expose the vulnerable JavaScript code or block access to the affected pages.", "Restrict management interface access to trusted networks, VPNs, or IP ranges to limit exposure to potential attackers.", "Monitor network and device logs for anomalous access attempts and perform regular security reviews of the switch configuration."], "summary": {"action": "Patch Update", "impact": "Confidentiality breach via hard\u2011coded RC4 encryption key"}, "threat_synthesis": {"affected_systems": "The affected hardware is Binardat Ltd.'s 10G08\u20110800GSM switch, which serves 8\u2011port 10\u2011gigabit SFP\u2011managed networking with L3 web management. Any unit running firmware V300SP10260209 or earlier is impacted. No other product versions were identified as vulnerable.", "description_and_impact": "The vulnerability resides in the firmware version V300SP10260209 and earlier of Binardat's 10G08\u20110800GSM network switch. The device uses RC4 encryption with a hard\u2011coded key embedded in client\u2011side JavaScript. Because the key is static and exposed in the source code, an attacker who can access the management web interface or obtain the firmware image can retrieve the key and decrypt any values protected by RC4, thereby breaking confidentiality protections.", "risk_and_exploitability": "The CVSS base score of 8.7 reflects a high severity due to the potential for confidentiality loss without authentication, but the EPSS is less than 1%, indicating that exploitation is currently unlikely. The vulnerability is not listed in KEV, suggesting no widely known exploitation. An attacker could glean the key by downloading the page containing the JavaScript or by reverse\u2011engineering the firmware. The static nature of the key means the flaw remains even after multiple firmware releases until the key is removed or encryption hardened."}}}}, "created": "2026-02-25T11:38:48.089908+00:00", "updated": "2026-04-17T15:45:15.910464+00:00", "vendors": ["binardat", "binardat$PRODUCT$10g08-0800gsm_network_switch"]}