CVE-2026-27869 Teldat CVE debrief

Who should care

Organizations using the Regesta Smart HD-PLC device, specifically version 11.02.05.10.02, should be aware of this vulnerability and take necessary precautions to prevent exploitation. This includes ensuring that the device is properly configured and monitored for suspicious activity.

Technical summary

The CVE-2026-27869 vulnerability affects the Regesta Smart HD-PLC device by Teldat. An attacker with network access can exploit this vulnerability using a Slow Loris attack, which involves sending a large number of HTTP requests to the device's web interface, causing it to become unresponsive. The affected software version is 11.02.05.10.02. The CVSS vector for this vulnerability is CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.

Defensive priority

medium

Recommended defensive actions

• Update the device software to the latest version, if available.
• Implement network segmentation to limit access to the device.
• Configure the device's web interface to only allow access from trusted IP addresses.
• Monitor the device's logs for suspicious activity.
• Implement rate limiting on the device's web interface to prevent Slow Loris attacks.
• Consider using a web application firewall (WAF) to detect and prevent attacks.

Evidence notes

The information provided is based on the CVE-2026-27869 record from the National Vulnerability Database (NVD) and the vendor's documentation. The CVE record was published on June 17, 2026, and last modified on the same day. The vendor's documentation provides additional information on the affected device and software version.

Official resources