OAuth Grant Vulnerability in PcVue WebServices
CVE-2026-1693
5.3MEDIUM
What is CVE-2026-1693?
The OAuth grant type Resource Owner Password Credentials (ROPC) flow remains implemented in the web services utilized by PcVue's WebVue, WebScheduler, TouchVue, and Snapvue features, even though it has been deprecated. This can present a potential risk, as remote attackers might exploit this flaw to illegally obtain user credentials, highlighting the importance of securing these interfaces against unauthorized access.
Affected Version(s)
PcVue 16.0.0 <= 16.3.3
PcVue 15.0.0 <= 15.2.13
PcVue 12.0.0
