PatchSiren cyber security CVE debrief
CVE-2026-11535 vivo CVE debrief
CVE-2026-11535 is a critical vulnerability in the PcSuite APP that allows unauthorized access to victims' devices. The vulnerability has a CVSS score of 9.4 and was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-11535). The vendor is currently listed as Unknown Vendor, but evidence suggests a potential link to Vivo ([ref-4](https://www.vivo.com/en/support/security-advisory-detail?id=22)).
- Vendor
- vivo
- Product
- PcSuite
- CVSS
- CRITICAL 9.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-12
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-12
- Advisory updated
- 2026-06-12
Who should care
Security teams and administrators responsible for managing and securing devices with the PcSuite APP should be aware of this vulnerability and take immediate action to mitigate the risk.
Technical summary
The vulnerability exists in the PcSuite APP and can be exploited by attackers to gain unauthorized access to victims' devices. The CVSS vector is CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
Defensive priority
High
Recommended defensive actions
- Apply patches or updates from the vendor as soon as they become available.
- Restrict access to the PcSuite APP and monitor for suspicious activity.
- Implement additional security measures, such as multi-factor authentication and network segmentation.
Evidence notes
The vendor is currently listed as Unknown Vendor, but evidence suggests a potential link to Vivo ([ref-4](https://www.vivo.com/en/support/security-advisory-detail?id=22)).
Official resources
-
CVE-2026-11535 CVE record
CVE.org
-
CVE-2026-11535 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-11535 was published on 2026-06-12T09:16:28.497Z and modified on 2026-06-12T16:06:47.720Z.