CVE-2026-2491

MEDIUM

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability

Title source: cna

Description

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web API implementation, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-23993.

References (2)

[X_Research Advisory] https://www.zerodayinitiative.com/advisories/ZDI-26-129/

[Vendor Advisory] https://emea.socomec.com/en/resource-center/resource-type/cyber-vulnerabilities-601

Scores

CVSS v3 6.3

EPSS 0.0013

EPSS Percentile 31.2%

Attack Vector ADJACENT_NETWORK

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-306

Status published

Products (1)

Socomec/DIRIS A-40 1.8.1

Published Mar 16, 2026

Tracked Since Mar 16, 2026