PatchSiren cyber security CVE debrief
CVE-2026-8602 ScadaBR CVE debrief
CVE-2026-8602 describes a missing authentication issue in ScadaBR 1.2.0 that can let an unauthenticated attacker send HTTP GET requests to the SCADA system and inject arbitrary sensor readings. Because the issue is reachable over the network and affects integrity and availability, exposed deployments should treat it as high priority.
- Vendor: ScadaBR
- Product: Unknown
- CVSS: HIGH 8.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-19
- Original CVE updated: 2026-05-21
- Advisory published: 2026-05-19
- Advisory updated: 2026-05-21
Who should care
Operators and defenders responsible for ScadaBR 1.2.0, especially OT/ICS environments with SCADA access exposed beyond a tightly controlled network. Security teams monitoring industrial systems should also review related logs and network controls.
Technical summary
The supplied NVD record describes CVE-2026-8602 as a Missing Authentication for Critical Function issue in ScadaBR version 1.2.0. The weakness is mapped to CWE-306. An unauthenticated attacker may be able to send HTTP GET requests to the SCADA system and inject arbitrary sensor readings. The NVD metadata lists the issue as awaiting analysis and includes a network-based CVSS v4.0 vector with no privileges required and high integrity/availability impact.
Defensive priority
Immediate for any exposed or production ScadaBR 1.2.0 deployment.
Recommended defensive actions
- Confirm whether ScadaBR 1.2.0 is in use anywhere in the environment, including lab, test, and production segments.
- Restrict network access to the SCADA interface to trusted management networks and required service accounts only.
- Verify whether authentication is enforced on all critical functions and disable or isolate any unauthenticated access paths.
- Review application, reverse proxy, and network logs for unexpected HTTP GET activity and unexplained sensor value changes.
- Apply vendor or CISA guidance from the linked advisory and prioritize remediation before broader internet or IT network exposure.
- Validate sensor data against independent telemetry or control logic to detect tampering until a fix is in place.
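The log review recommended above can be partly automated. The following is an added example, not code from the advisory or from ScadaBR: it scans reverse-proxy access logs in the common/combined format for GET requests with query parameters that the server answered with a 2xx status and that came from outside the trusted management networks. The CIDR range, the `/scada/` path prefix and the sample log lines are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumptions (not from the advisory): adjust both values to your deployment.
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/24")]  # management network
SCADA_PREFIX = "/scada/"  # placeholder path prefix of the SCADA web interface

# Common/combined access log format as written by nginx or Apache httpd.
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def is_trusted(src):
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparsable source field: treat as untrusted
    return any(addr in net for net in TRUSTED_NETS)

def find_suspect_gets(lines):
    """Map each untrusted source IP to its (timestamp, target) GET requests that
    carried query parameters to the SCADA prefix and received a 2xx answer
    (served directly, not rejected or redirected to a login page)."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line in the expected format
        path, _, query = m["target"].partition("?")
        if (m["method"] == "GET" and query
                and path.startswith(SCADA_PREFIX)
                and m["status"].startswith("2")
                and not is_trusted(m["src"])):
            hits[m["src"]].append((m["ts"], m["target"]))
    return dict(hits)

# Constructed sample log lines (hypothetical paths and parameters, not real traffic).
SAMPLE = [
    '10.20.0.15 - - [19/May/2026:08:01:12 +0000] "GET /scada/view?id=3 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [19/May/2026:08:02:40 +0000] "GET /scada/ingest?tag=T1&value=999 HTTP/1.1" 200 2 "-" "curl/8.5.0"',
    '192.0.2.44 - - [19/May/2026:08:02:41 +0000] "GET /scada/ingest?tag=T1&value=1000 HTTP/1.1" 200 2 "-" "curl/8.5.0"',
    '198.51.100.7 - - [19/May/2026:08:03:05 +0000] "GET /scada/ingest?tag=T2&value=5 HTTP/1.1" 302 0 "-" "-"',
    '203.0.113.9 - - [19/May/2026:08:04:00 +0000] "POST /scada/login HTTP/1.1" 200 128 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for src, reqs in find_suspect_gets(SAMPLE).items():
        print(src, len(reqs), "request(s), first at", reqs[0][0])
```

Each flagged source is a lead to correlate with unexplained sensor value changes around the same timestamps, not proof of tampering on its own.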
Evidence notes
This debrief is based on the supplied NVD record for CVE-2026-8602, published 2026-05-19 and modified 2026-05-19, plus the linked CISA ICS advisory reference. The NVD metadata states vulnStatus 'Awaiting Analysis,' identifies CWE-306, and describes unauthenticated HTTP GET requests enabling arbitrary sensor reading injection in ScadaBR 1.2.0. No KEV entry was provided in the source corpus.
Official resources
- CVE-2026-8602 CVE record: CVE.org
- CVE-2026-8602 NVD detail: NVD
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Third Party Advisory, US Government Resource
Published in the CVE/NVD record on 2026-05-19. This debrief uses the supplied publication and modification timestamps only; it does not infer any earlier discovery or release date.