{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3873", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "state": "PUBLISHED", "assignerShortName": "NCSC.ch", "dateReserved": "2026-03-10T10:16:02.391Z", "datePublished": "2026-03-13T08:14:29.350Z", "dateUpdated": "2026-03-13T16:05:47.203Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2026-03-13T09:31:16.682Z"}, "title": "Legacy built-in user account", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"}]}], "affected": [{"vendor": "syslink software AG", "product": "Avantra", "platforms": ["Windows", "Linux"], "versions": [{"status": "affected", "version": "0", "lessThan": "25.3.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Use of Hard-coded Credentials vulnerability in Avantra allows Accessing \nFunctionality Not Properly Constrained by ACLs. This issue affects \nAvantra: before 25.3.0.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Use of Hard-coded Credentials vulnerability in Avantra allows Accessing \nFunctionality Not Properly Constrained by ACLs. This issue affects \nAvantra: before 25.3.0."}]}], "references": [{"url": "https://support.avantra.com/hc/en-us/articles/5352465121695-Security-Notice-Legacy-Built-In-User-Account-rtm", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseSeverity": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"}}], "credits": [{"lang": "en", "value": "Vicxer Inc.", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-13T16:05:40.724817Z", "id": "CVE-2026-3873", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-13T16:05:47.203Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3873", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-13T16:05:40.724817Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-13T16:05:43.335Z"}}], "cna": {"title": "Legacy built-in user account", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Vicxer Inc."}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "syslink software AG", "product": "Avantra", "versions": [{"status": "affected", "version": "0", "lessThan": "25.3.0", "versionType": "semver"}], "platforms": ["Windows", "Linux"], "defaultStatus": "unaffected"}], "references": [{"url": "https://support.avantra.com/hc/en-us/articles/5352465121695-Security-Notice-Legacy-Built-In-User-Account-rtm", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Use of Hard-coded Credentials vulnerability in Avantra allows Accessing \nFunctionality Not Properly Constrained by ACLs. This issue affects \nAvantra: before 25.3.0.", "supportingMedia": [{"type": "text/html", "value": "Use of Hard-coded Credentials vulnerability in Avantra allows Accessing \nFunctionality Not Properly Constrained by ACLs. This issue affects \nAvantra: before 25.3.0.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials"}]}], "providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2026-03-13T09:31:16.682Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3873", "state": "PUBLISHED", "dateUpdated": "2026-03-13T16:05:47.203Z", "dateReserved": "2026-03-10T10:16:02.391Z", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "datePublished": "2026-03-13T08:14:29.350Z", "assignerShortName": "NCSC.ch"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Use of Hard-coded Credentials vulnerability in Avantra allows Accessing \nFunctionality Not Properly Constrained by ACLs. This issue affects \nAvantra: before 25.3.0."}, {"lang": "es", "value": "Vulnerabilidad de uso de credenciales codificadas en Avantra permite acceder a funcionalidades no restringidas adecuadamente por ACLs. Este problema afecta a Avantra: versiones anteriores a la 25.3.0."}], "id": "CVE-2026-3873", "lastModified": "2026-03-16T14:53:46.157", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.7, "source": "vulnerability@ncsc.ch", "type": "Secondary"}]}, "published": "2026-03-13T19:55:10.810", "references": [{"source": "vulnerability@ncsc.ch", "url": "https://support.avantra.com/hc/en-us/articles/5352465121695-Security-Notice-Legacy-Built-In-User-Account-rtm"}], "sourceIdentifier": "vulnerability@ncsc.ch", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "vulnerability@ncsc.ch", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["windows", "linux"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,25.3.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Avantra", "source": "cna", "vendor": "syslink software AG"}, "product": "avantra", "vendor": "syslink_software_ag"}], "analysis": {"en": {"generated_at": "2026-03-19T16:54:31.973666+00:00", "value": {"mitigation_remediation": ["Check the vendor\u2019s support site or contact support for any available patches or updates for Avantra versions before 25.3.0 and apply them if available.", "Verify that the hard\u2011coded credentials have been removed from the system configuration and that access control lists are correctly enforced to prevent privilege escalation.", "Conduct a system audit to detect any remaining hard\u2011coded credentials and review application logs for unauthorized access attempts.", "Implement network segmentation and restrict external access to the Avantra application to limit the attack surface."], "summary": {"action": "Apply Update", "impact": "Unauthorized Access"}, "threat_synthesis": {"affected_systems": "The affected product is Syslink software AG\u2019s Avantra platform. The issue exists in all releases prior to version 25.3.0, as stated by the vendor: \"This issue affects Avantra: before 25.3.0.\" No further version details are provided.", "description_and_impact": "The vulnerability originates from hard\u2011coded credentials embedded within the Avantra platform, allowing an entity to authenticate as a privileged user without proper credentials. This unauthorized access grants the ability to invoke functionality that is not correctly restricted by access control lists. The primary impact is the potential for data disclosure, manipulation, or other actions that compromise the confidentiality, integrity, and availability of the system. The weakness is classified as CWE\u2011798: Improper Validation or Use of Hard\u2011encoded Credentials.", "risk_and_exploitability": "The likely attack vector is remote network interaction when the application is exposed, as the hard\u2011coded credentials can be used over the network. Based on the description, it is inferred that local execution of the application would also permit use of the credentials. The CVSS base score of 7.2 indicates a high severity, while the EPSS score of less than 1% suggests a low probability of real\u2011world exploitation. The vulnerability is not listed in CISA\u2019s KEV catalog, indicating no publicly known exploits. Nonetheless, the possibility of privileged access warrants prompt mitigation."}}}}, "created": "2026-03-16T09:37:56.714754+00:00", "updated": "2026-03-23T09:59:42.234916+00:00", "vendors": ["syslink_software_ag", "syslink_software_ag$PRODUCT$avantra"]}