Authentication Flaw in MOMA Seismic Station Web Interface
CVE-2026-1632

9.3CRITICAL

Key Information:

Vendor: Riss Srl
Status: Moma Seismic Station
Vendor: CVE Published:; 3 February 2026

What is CVE-2026-1632?

The MOMA Seismic Station web management interface is exposed to unauthenticated access, allowing attackers to modify configuration settings, retrieve device data, or perform remote resets. This vulnerability underscores the importance of implementing proper authentication mechanisms to safeguard device integrity and prevent unauthorized manipulation.

Affected Version(s)

MOMA Seismic Station 0

References

https://www.cisa.gov/news-events/ics-advisories/icsa-26-0...

https://github.com/cisagov/CSAF/blob/develop/csaf_files/O...

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 3, 2026
Vulnerability Reserved
Jan 29, 2026

Credit

Souvik Kandar reported this vulnerability to CISA

CVE-2026-1632 Data

JSON

Riss Srl

What is CVE-2026-1632?

Affected Version(s)

References

CVSS V4

Timeline

Credit