CVE-2026-25939

Name of the Vulnerable Software and Affected Versions FUXA versions 1.2.8 through 1.2.10

Description FUXA is a web-based Process Visualization software used in SCADA/HMI/Dashboard systems. An authorization bypass allows a remote, unauthenticated attacker to create and modify schedulers. This can expose connected ICS/SCADA environments to further malicious actions. The vulnerability exists due to insufficient access controls.

Recommendations Update to FUXA version 1.2.11 or later.