Firmware Update Vulnerability in XYZ Firmware by ABC Corp
CVE-2026-22097

9.3CRITICAL

Key Information:

Vendor

Evbee

Status
Vendor
CVE Published:
13 July 2026

What is CVE-2026-22097?

A critical issue has been identified in the firmware update mechanism of XYZ Firmware by ABC Corp. The lack of cryptographic signature validation permits unauthorized individuals to upload arbitrary files. This significant oversight can enable malicious actors to execute arbitrary code, thereby compromising the security of affected devices. Organizations utilizing this firmware should prioritize immediate remediation actions to mitigate potential threats.

Affected Version(s)

DC-80 0 < 1.5.1

References

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Wilco van Beijnum (ElaadNL)
Jeroen van der Ham-de Vos (DIVD)
.