Carlson Software VASCO-B GNSS Receiver

Key Points:

• CVE-2026-3893 is a critical vulnerability in Carlson Software VASCO-B GNSS Receiver versions prior to 1.4.0, allowing remote attackers to alter system functions without authentication.
• The vulnerability has a CVSS score of 9.4, posing significant risks to critical manufacturing sectors globally, as it enables unauthorized access and modification of device configurations.
• It is recommended to minimize network exposure for control system devices, implement firewalls, and use secure remote access methods like VPNs to mitigate the risk of exploitation.

Technical Details: CVE-2026-3893 allows attackers with network access to modify the configuration and operational functions of the VASCO-B GNSS Receiver due to missing authentication mechanisms.

MITRE ATT&CK Techniques: None mentioned

IOCs Mentioned: None mentioned