PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-31983 Nozomi Networks CVE debrief

A Missing Authentication vulnerability was discovered in the SSH keys synchronization endpoint of Nozomi Networks' CMC and Guardian products. An unauthenticated attacker can send a request to this endpoint and obtain the list of users who have uploaded their public SSH keys, their groups, and the uploaded public SSH keys. This vulnerability allows attackers to access sensitive information about users and their SSH keys. The affected products are Nozomi Networks' CMC and Guardian, with versions prior to 26.2.0 being vulnerable.

Vendor
Nozomi Networks
Product
Guardian
CVSS
MEDIUM 6.9
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-09
Original CVE updated
2026-07-10
Advisory published
2026-07-09
Advisory updated
2026-07-10

Who should care

Security teams and administrators responsible for Nozomi Networks' CMC and Guardian products should be aware of this vulnerability and take necessary actions to mitigate it. They should verify the affected products and versions in their environments, review and apply the vendor's mitigation or patch, and restrict access to the SSH keys synchronization endpoint.

Technical summary

The vulnerability exists in the SSH keys synchronization endpoint, allowing unauthenticated attackers to access sensitive information about users and their SSH keys. The affected products are Nozomi Networks' CMC and Guardian, with versions prior to 26.2.0 being vulnerable. This vulnerability can be exploited by sending a request to the SSH keys synchronization endpoint, potentially leading to sensitive information disclosure.

Defensive priority

Medium priority due to the potential for sensitive information disclosure.

Recommended defensive actions

  • Review and apply the vendor's mitigation or patch
  • Restrict access to the SSH keys synchronization endpoint
  • Monitor for suspicious activity
  • Inventory and update affected products
  • Implement compensating controls
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record was published on 2026-07-09T08:16:47.800Z and last modified on 2026-07-10T13:13:26.723Z. The NVD entry is currently Analyzed. The vulnerability exists in Nozomi Networks' CMC and Guardian products, with versions prior to 26.2.0 being vulnerable. The SSH keys synchronization endpoint allows unauthenticated attackers to access sensitive information about users and their SSH keys. Security teams should verify the affected products and versions in their environments.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T08:16:47.800Z and has not been modified since then. The NVD entry is currently Analyzed.