PatchSiren cyber security CVE debrief
CVE-2026-9758 Systerel CVE debrief
CVE-2026-9758 is a HIGH severity vulnerability with a CVSS score of 7.3. The vulnerability is caused by improper comparison with the certificates trusted list in S2OPC, which allows an attacker to provide a well-formed untrusted certificate to be considered trusted. The vulnerability was published on 2026-06-10T14:16:37.767Z and last modified on 2026-06-10T20:58:26.290Z.
- Vendor
- Systerel
- Product
- S2OPC
- CVSS
- HIGH 7.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-10
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-10
- Advisory updated
- 2026-06-10
Who should care
Users of S2OPC should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by improper comparison with the certificates trusted list in S2OPC ( CWE-295 ). An attacker can provide a well-formed untrusted certificate to be considered trusted.
Defensive priority
HIGH
Recommended defensive actions
- Review and update the trusted certificate list in S2OPC.
- Implement proper certificate validation and comparison.
- Consider using a more secure certificate validation mechanism.
Evidence notes
The vulnerability is reported by an unknown vendor. The CVE record can be found at [cve-org]. More details can be found at [nvd].
Official resources
-
CVE-2026-9758 CVE record
CVE.org
-
CVE-2026-9758 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-9758 was published on 2026-06-10T14:16:37.767Z and last modified on 2026-06-10T20:58:26.290Z.