CVE-2026-35062
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk16th percentile - higher than 16% of all known CVEs
Summary
An authenticated iControl SOAP user may be able to obtain information of other accounts. The vulnerability affects software versions that have not reached End of Technical Support.
Risk Assessment
The risk involves potential leakage of credentials or account information of other users, which could lead to privilege escalation or confidentiality breach.
Recommendation
It is recommended to immediately update the software to the latest available version and restrict access to the iControl SOAP interface to trusted users only.
Original NVD description (English source)
An authenticated iControl SOAP user may be able to obtain information of other accounts. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

