PatchSiren

Pharos Controls CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL Pharos Controls CVE published 2026-03-24

CVE-2026-2417

CVE-2026-2417 is a critical authentication-bypass issue affecting Pharos Controls Mosaic Show Controller firmware version 2.15.3. According to the CISA advisory published on 2026-03-24, an unauthenticated attacker could bypass authentication and execute arbitrary commands with root privileges. Pharos Controls recommends upgrading to Mosaic Show Controller version 2.16 or later. The provided enrichment doe [truncated]