CVE-2026-1840

Name: CVE-2026-1840 — Vulnerability Record
Brand: Quanteta Data Lab
SKU: CVE-2026-1840

HIGH

CVSS v3.1: 7.5 · EPSS: 0.0073 (49.4 percentile)

NetworkNo privilegesNo user interactionMissing Authentication

Source data as of: 2026-06-26 05:02:17 UTC

At a glance

Severity: HIGH
CVSS: 7.5 v3.1 · NVD
EPSS: 0.0073 (49.4 percentile) · FIRST.org
CISA KEV: No
Type: Missing Authentication · NVD CWE
Attack conditions (CVSS vector): NetworkNo privilegesNo user interaction · Source: NVD Vector
Published: 2026-06-24 · Modified: 2026-06-25
References: Jump to references (3)

CVSS / EPSS / KEV

CVSS v3.1 7.5 / 10 HIGH Source: NVD

CVSS v4.0 8.7 / 10 HIGH Source: NVD

EPSS 0.0073 49.4 percentile Source: FIRST.org

CISA KEV No Source: CISA

Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources

Description

The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without restriction. Such unauthorized changes can disrupt normal functionality and, if performed repeatedly, may lead to a loss of communications to the device.

Record details

CVE ID: CVE-2026-1840
CVSS (v3.1): 7.5 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability subscore: 3.9
Impact subscore: 3.6
EPSS: 0.0073 (49.4 percentile) — 2026-06-26
CISA KEV: No
Weakness (CWE): CWE-306
Affected configurations (CPE): 0
Published: 2026-06-24
Modified: 2026-06-25
Status: Deferred

References

Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.

← Back to all records

CVE-2026-1840

At a glance

CVSS / EPSS / KEV

Description

Record details

References

Related records

Same weakness type (CWE)

Published the same year