{ "document": { "acknowledgments": [ { "organization": "CERT@VDE", "summary": "coordination", "urls": [ "https://certvde.com" ] }, { "organization": "Product Security Unit at VEGA Grieshaber KG", "summary": "reporting", "urls": [ "https://www.vega.com" ] } ], "aggregate_severity": { "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale", "text": "medium" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "en-US", "notes": [ { "category": "summary", "text": "Vulnerable components expose sensitive information to unauthorized actors through an unsecured configuration interface. Vulnerable firmware releases contain an unsecured configuration interface that allows retrieval of sensitive information such as hashed credentials.\n\nIt was found that users with no or low rights can access information from devices that should not be available to them.\n\nAn attacker can use this information to impersonate authorized users.", "title": "Summary" }, { "category": "description", "text": "An authenticated attacker with adjacent access can obtain sensitive information, potentially enabling authenticated device modification.", "title": "Impact" }, { "category": "description", "text": "Implement access controls for physical interfaces to prevent unauthorized access.", "title": "Mitigation" }, { "category": "description", "text": "Update to the fixed firmware versions listed in this advisory. Rotate any credentials used on affected devices as they may have been compromised. Contact VEGA Support if emergency code rotation is necessary based on your risk assessment.", "title": "Remediation" }, { "category": "general", "text": "Implement access controls for physical interfaces to prevent unauthorized access.", "title": "General Recommendation" } ], "publisher": { "category": "vendor", "contact_details": "psirt@vega.com", "name": "VEGA Grieshaber KG", "namespace": "https://vega.com" }, "references": [ { "category": "external", "summary": "VEGA Grieshaber PSIRT", "url": "https://www.vega.com/en-us/company/legal-notice/information-on-cyber-security" }, { "category": "external", "summary": "CERT@VDE Security Advisories for VEGA Grieshaber", "url": "https://certvde.com/en/advisories/vendor/vega" }, { "category": "self", "summary": "VDE-2026-048: VEGA: Missing Authentication for critical function in VEGAPULS Bluetooth products - HTML", "url": "https://certvde.com/en/advisories/VDE-2026-048" }, { "category": "self", "summary": "VDE-2026-048: VEGA: Missing Authentication for critical function in VEGAPULS Bluetooth products - CSAF", "url": "https://vega.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-048.json" } ], "title": "VEGA: Missing Authentication for critical function in VEGAPULS Bluetooth products", "tracking": { "aliases": [ "VDE-2026-048" ], "current_release_date": "2026-05-04T09:10:00.000Z", "generator": { "date": "2026-05-04T09:10:09.934Z", "engine": { "name": "Secvisogram", "version": "2.5.44" } }, "id": "VDE-2026-048", "initial_release_date": "2026-05-04T06:00:00.000Z", "revision_history": [ { "date": "2026-05-04T06:00:00.000Z", "number": "1.0.0", "summary": "Initial Release" }, { "date": "2026-05-04T09:10:00.000Z", "number": "1.0.1", "summary": "Updated Title" } ], "status": "final", "version": "1.0.1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "VEGAPULS 11 with Bluetooth", "product": { "name": "VEGAPULS 11 with Bluetooth", "product_id": "CSAFPID-11001", "product_identification_helper": { "cpe": "cpe:2.3:h:vega:vegapuls11_bt_hardware:*:*:*:*:*:*:*:*", "model_numbers": [ "PS11.??B" ], "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-11" } ] } } }, { "category": "product_name", "name": "VEGAPULS C 11 with Bluetooth", "product": { "name": "VEGAPULS C 11 with Bluetooth", "product_id": "CSAFPID-11002", "product_identification_helper": { "cpe": "cpe:2.3:h:vega:vegapulsc11_bt_hardware:*:*:*:*:*:*:*:*", "model_numbers": [ "PSC11.?B" ], "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-11" } ] } } }, { "category": "product_name", "name": "VEGAPULS C 21 Three-wire SDI12", "product": { "name": "VEGAPULS C 21 Three-wire SDI12", "product_id": "CSAFPID-11003", "product_identification_helper": { "cpe": "cpe:2.3:h:vega:vegapulsc21_sdi12_hardware:*:*:*:*:*:*:*:*", "model_numbers": [ "PSC21.???????S?" ], "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-21" } ] } } }, { "category": "product_name", "name": "VEGAPULS C 22 Three-wire SDI12", "product": { "name": "VEGAPULS C 22 Three-wire SDI12", "product_id": "CSAFPID-11004", "product_identification_helper": { "cpe": "cpe:2.3:h:vega:vegapulsc22_sdi12_hardware:*:*:*:*:*:*:*:*", "model_numbers": [ "PSC22.???????S?" ], "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-22" } ] } } }, { "category": "product_name", "name": "VEGAPULS C 23 Three-wire SDI12", "product": { "name": "VEGAPULS C 23 Three-wire SDI12", "product_id": "CSAFPID-11005", "product_identification_helper": { "cpe": "cpe:2.3:h:vega:vegapulsc23_sdi12_hardware:*:*:*:*:*:*:*:*", "model_numbers": [ "PSC23.???????S?" ], "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-23" } ] } } } ], "category": "product_family", "name": "Hardware" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:generic/<1.2.3", "product": { "name": "Firmware < 1.2.3", "product_id": "CSAFPID-21001", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapuls11_bt_firmware:*:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-11" } ] } } }, { "category": "product_version", "name": "1.2.3", "product": { "name": "Firmware 1.2.3", "product_id": "CSAFPID-22001", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapuls11_bt_firmware:1.2.3:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-11" } ] } } } ], "category": "product_name", "name": "VEGAPULS 11 with Bluetooth" }, { "branches": [ { "category": "product_version_range", "name": "vers:generic/<1.2.3", "product": { "name": "Firmware < 1.2.3", "product_id": "CSAFPID-21002", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc11_bt_firmware:*:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-11" } ] } } }, { "category": "product_version", "name": "1.2.3", "product": { "name": "Firmware 1.2.3", "product_id": "CSAFPID-22002", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc11_bt_firmware:1.2.3:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-11" } ] } } } ], "category": "product_name", "name": "VEGAPULS C 11 with Bluetooth" }, { "branches": [ { "category": "product_version_range", "name": "vers:generic/<1.3.2", "product": { "name": "Firmware < 1.3.2", "product_id": "CSAFPID-21003", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc21_sdi12_firmware:*:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-21" } ] } } }, { "category": "product_version", "name": "1.3.2", "product": { "name": "Firmware 1.3.2", "product_id": "CSAFPID-22003", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc21_sdi12_firmware:1.3.2:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-21" } ] } } } ], "category": "product_name", "name": "VEGAPULS C 21 Three-wire SDI12" }, { "branches": [ { "category": "product_version_range", "name": "vers:generic/<1.3.2", "product": { "name": "Firmware < 1.3.2", "product_id": "CSAFPID-21004", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc22_sdi12_firmware:*:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-22" } ] } } }, { "category": "product_version", "name": "1.3.2", "product": { "name": "Firmware 1.3.2", "product_id": "CSAFPID-22004", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc22_sdi12_firmware:1.3.2:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-22" } ] } } } ], "category": "product_name", "name": "VEGAPULS C 22 Three-wire SDI12" }, { "branches": [ { "category": "product_version_range", "name": "vers:generic/<1.3.2", "product": { "name": "Firmware < 1.3.2", "product_id": "CSAFPID-21005", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc23_sdi12_firmware:*:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-23" } ] } } }, { "category": "product_version", "name": "1.3.2", "product": { "name": "Firmware 1.3.2", "product_id": "CSAFPID-22005", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc23_sdi12_firmware:1.3.2:*:*:*:*:*:*:*", "x_generic_uris": [ { "namespace": "https://www.vega.com/en-us/products/product-catalog/", "uri": "https://www.vega.com/en-us/products/product-catalog/level/radar/vegapuls-c-23" } ] } } } ], "category": "product_name", "name": "VEGAPULS C 23 Three-wire SDI12" }, { "category": "product_name", "name": "CVE Reference Score", "product": { "name": "CVE-2026-3323 Reference Score", "product_id": "CSAFPID-0002" } } ], "category": "product_family", "name": "Firmware" } ], "category": "vendor", "name": "VEGA Grieshaber KG" } ], "product_groups": [ { "group_id": "CSAFGID-0001", "product_ids": [ "CSAFPID-31001", "CSAFPID-31002", "CSAFPID-31003", "CSAFPID-31004", "CSAFPID-31005" ], "summary": "Affected products." } ], "relationships": [ { "category": "installed_on", "full_product_name": { "name": "Firmware < 1.2.3 installed on VEGAPULS 11 with Bluetooth", "product_id": "CSAFPID-31001", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapuls11_bt_firmware:*:*:*:*:*:*:*:*", "model_numbers": [ "PS11.??B" ] } }, "product_reference": "CSAFPID-21001", "relates_to_product_reference": "CSAFPID-11001" }, { "category": "installed_on", "full_product_name": { "name": "Firmware 1.2.3 installed on VEGAPULS 11 with Bluetooth", "product_id": "CSAFPID-32001", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapuls11_bt_firmware:1.2.3:*:*:*:*:*:*:*", "model_numbers": [ "PS11.??B" ] } }, "product_reference": "CSAFPID-22001", "relates_to_product_reference": "CSAFPID-11001" }, { "category": "installed_on", "full_product_name": { "name": "Firmware < 1.2.3 installed on VEGAPULS C 11 with Bluetooth", "product_id": "CSAFPID-31002", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc11_bt_firmware:*:*:*:*:*:*:*:*", "model_numbers": [ "PSC11.?B" ] } }, "product_reference": "CSAFPID-21002", "relates_to_product_reference": "CSAFPID-11002" }, { "category": "installed_on", "full_product_name": { "name": "Firmware 1.2.3 installed on VEGAPULS C 11 with Bluetooth", "product_id": "CSAFPID-32002", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc11_bt_firmware:1.2.3:*:*:*:*:*:*:*", "model_numbers": [ "PSC11.?B" ] } }, "product_reference": "CSAFPID-22002", "relates_to_product_reference": "CSAFPID-11002" }, { "category": "installed_on", "full_product_name": { "name": "Firmware < 1.3.2 installed on VEGAPULS C 21 Three-wire SDI12", "product_id": "CSAFPID-31003", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc21_sdi12_firmware:*:*:*:*:*:*:*:*", "model_numbers": [ "PSC21.???????S?" ] } }, "product_reference": "CSAFPID-21003", "relates_to_product_reference": "CSAFPID-11003" }, { "category": "installed_on", "full_product_name": { "name": "Firmware 1.3.2 installed on VEGAPULS C 21 Three-wire SDI12", "product_id": "CSAFPID-32003", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc21_sdi12_firmware:1.3.2:*:*:*:*:*:*:*", "model_numbers": [ "PSC21.???????S?" ] } }, "product_reference": "CSAFPID-22003", "relates_to_product_reference": "CSAFPID-11003" }, { "category": "installed_on", "full_product_name": { "name": "Firmware < 1.3.2 installed on VEGAPULS C 22 Three-wire SDI12", "product_id": "CSAFPID-31004", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc22_sdi12_firmware:*:*:*:*:*:*:*:*", "model_numbers": [ "PSC22.???????S?" ] } }, "product_reference": "CSAFPID-21004", "relates_to_product_reference": "CSAFPID-11004" }, { "category": "installed_on", "full_product_name": { "name": "Firmware 1.3.2 installed on VEGAPULS C 22 Three-wire SDI12", "product_id": "CSAFPID-32004", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc22_sdi12_firmware:1.3.2:*:*:*:*:*:*:*", "model_numbers": [ "PSC22.???????S?" ] } }, "product_reference": "CSAFPID-22004", "relates_to_product_reference": "CSAFPID-11004" }, { "category": "installed_on", "full_product_name": { "name": "Firmware < 1.3.2 installed on VEGAPULS C 23 Three-wire SDI12", "product_id": "CSAFPID-31005", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc23_sdi12_firmware:*:*:*:*:*:*:*:*", "model_numbers": [ "PSC23.???????S?" ] } }, "product_reference": "CSAFPID-21005", "relates_to_product_reference": "CSAFPID-11005" }, { "category": "installed_on", "full_product_name": { "name": "Firmware 1.3.2 installed on VEGAPULS C 23 Three-wire SDI12", "product_id": "CSAFPID-32005", "product_identification_helper": { "cpe": "cpe:2.3:o:vega:vegapulsc23_sdi12_firmware:1.3.2:*:*:*:*:*:*:*", "model_numbers": [ "PSC23.???????S?" ] } }, "product_reference": "CSAFPID-22005", "relates_to_product_reference": "CSAFPID-11005" } ] }, "vulnerabilities": [ { "cve": "CVE-2026-3323", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "notes": [ { "audience": "all", "category": "description", "text": "An unsecured configuration interface on the affected devices allows an authenticated attacker with adjacent access (with Bluetooth) to gain sensitive information like hashed credentials and access codes.", "title": "CVE Description" }, { "category": "details", "text": "Due to different bus and network interfaces the affected products have different CVSS vectors. Please see the scores listed in the CSAF for details.", "title": "Vulnerability details" } ], "product_status": { "fixed": [ "CSAFPID-32001", "CSAFPID-32002", "CSAFPID-32003", "CSAFPID-32004", "CSAFPID-32005" ], "known_affected": [ "CSAFPID-31001", "CSAFPID-31002", "CSAFPID-31003", "CSAFPID-31004", "CSAFPID-31005", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" } ], "remediations": [ { "category": "mitigation", "details": "Implement access control to physical interfaces to prevent unauthorized access.", "product_ids": [ "CSAFPID-31001", "CSAFPID-31002", "CSAFPID-31003", "CSAFPID-31004", "CSAFPID-31005" ] }, { "category": "vendor_fix", "details": "Update to fixed firmware versions listed in this advisory.\n\nRotate any credentials that were used on the affected devices as they may have been compromised.\n\nContact VEGA Support if rotating emergency codes is necessary based on your risk assessment.", "product_ids": [ "CSAFPID-31001", "CSAFPID-31002", "CSAFPID-31003", "CSAFPID-31004", "CSAFPID-31005" ], "restart_required": { "category": "vulnerable_component", "details": "A restart of the vulnerable component is required after applying the firmware update." }, "url": "https://www.vega.com/en-us/downloads" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "environmentalScore": 5.7, "environmentalSeverity": "MEDIUM", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "temporalScore": 5.7, "temporalSeverity": "MEDIUM", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-31001", "CSAFPID-31002", "CSAFPID-31003", "CSAFPID-31004", "CSAFPID-31005" ] }, { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "environmentalScore": 7.5, "environmentalSeverity": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.5, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0002" ] } ], "title": "Privilege escalation through unsecured configuration interface" } ] }