PatchSiren cyber security CVE debrief
CVE-2026-21404 NAVTOR CVE debrief
CVE-2026-21404 is a medium-severity vulnerability in NAVTOR NavBox versions up to 4.16.1.20. The issue arises from hard-coded credentials within its Windows Communication Foundation (SOAP) implementation. If SOAP functionality is enabled, a local attacker can extract these credentials to bypass the intended transfer workflow. Successful authentication against the SOAP interface grants access to privileged WCF methods, allowing an attacker to write or overwrite files within application-defined paths.
- Vendor: NAVTOR
- Product: NavBox
- CVSS: MEDIUM 5.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-04
- Original CVE updated: 2026-06-05
- Advisory published: 2026-06-04
- Advisory updated: 2026-06-05
Who should care
Administrators and users of NAVTOR NavBox versions up to 4.16.1.20 should be aware of this vulnerability, especially if SOAP functionality is enabled.
Technical summary
The vulnerability has a CVSS score of 5.8 and is classified as CWE-798 (Use of Hard-coded Credentials). Exploitation requires local access and has high attack complexity.
Defensive priority
MEDIUM
Recommended defensive actions
- Disable SOAP functionality if not required.
- Update NAVTOR NavBox to a version later than 4.16.1.20.
- Restrict access to the SOAP interface.
- Monitor for suspicious activity related to file modifications within application-defined paths.
Evidence notes
Evidence from official sources, including CVE.org and NVD, confirms the existence and details of this vulnerability.
Official resources
CVE-2026-21404 was published on 2026-06-04T20:16:57.083Z and modified on 2026-06-05T16:05:36.550Z.