Modbus TCP Vulnerability in Innomic Products
CVE-2022-50978

7.5HIGH

Key Information:

Vendor: Innomic
Status: Vibroline Vlx1 Hd 5.0; Vibroline Vlx2 Hd 5.0; Vibroline Vlx4 Hd 5.0; Vibroline Vlx6 Hd 5.0
Vendor: CVE Published:; 2 February 2026

What is CVE-2022-50978?

An unauthenticated remote attacker may exploit a vulnerability in Innomic products using Modbus TCP by switching between multiple configuration presets. This manipulation could potentially disrupt normal operational procedures, highlighting the importance of securing access controls and monitoring system configurations.

Affected Version(s)

AvibiaLine AVLX1 HD 5.0 2.1.1340 <= 2.1.1387

AvibiaLine AVLX1 HD 5.0 2.1.1866

AvibiaLine AVLX2 HD 5.0 2.1.1340 <= 2.1.1387

References

https://www.innomic.com/.well-known/csaf/white/2026/ids-2...

vendor-advisory

https://www.innomic.com/.well-known/csaf/white/2026/ids-2...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 2, 2026
Vulnerability Reserved
Jan 12, 2026

CVE-2022-50978 Data

JSON