CVE-2026-3893
CriticalCVSS 9.4Exploitation Probability (EPSS)
Low risk29th percentile — higher than 29% of all known CVEs
Summary
The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with network access to directly access and modify its configuration and operational functions without needing credentials.
Risk Assessment
The lack of authentication poses a significant risk to organizations, enabling attackers to manipulate critical device settings, potentially leading to disruptions in GNSS-based systems.
Recommendation
It is recommended to implement authentication mechanisms and restrict access to the GNSS receiver to authorized users only.
Original NVD description (English source)
The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with network access to directly access and modify its configuration and operational functions without needing credentials.

