PT-2026-32610 · Siemens · Industrial Edge Management Pro V1+2

Published: 2026-04-14 · Updated: 2026-04-21 · CVE-2026-33892

CVSS v3.1: 7.1 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions

Industrial Edge Management Pro V1 versions 1.7.6 through 1.15.16
Industrial Edge Management Pro V2 versions 2.0.0 through 2.1.0
Industrial Edge Management Virtual versions 2.2.0 through 2.7.9

Description

Management systems do not properly enforce user authentication on remote connections to devices. This allows an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user by tunneling to the device. Successful exploitation requires the remote connection feature to be enabled and the attacker to have identified the specific header and port used for these connections. Security features on the target device itself, such as app-specific authentication, remain unaffected.

Recommendations

Update Industrial Edge Management Pro V1 to version 1.15.17 or later.
Update Industrial Edge Management Pro V2 to version 2.1.1 or later.
Update Industrial Edge Management Virtual to version 2.8.0 or later.

Related Identifiers

CVE-2026-33892

Affected Products

Industrial Edge Management Pro V1
Industrial Edge Management Pro V2
Industrial Edge Management Virtual