CVE Catalog

CVE-2026-14162

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Summary

A vulnerability in Advantech's Hospital Queuing Management allows unauthenticated remote attackers to access API documentation via a specific URL, leading to sensitive data exposure.

Risk Assessment

The risk involves potential leakage of API technical details, which could be exploited for further attacks, including unauthorized access to patient data and queue configuration.

Recommendation

Immediately restrict access to API documentation through authentication or block public access to sensitive URLs, and update the software to the latest version once a patch is released.

Original NVD description (English source)

Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS