CVE Catalog

CVE-2026-53475

CriticalCVSS 9.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

6th percentile — higher than 6% of all known CVEs

Summary

A flaw was found in assisted-migration-agent that hardcodes insecure TLS connections when communicating with vCenter. This vulnerability allows a Man-in-the-Middle (MITM) attacker to intercept and harvest vCenter administrator credentials.

Risk Assessment

This can lead to unauthorized access to vCenter, posing a significant security risk to the organization.

Recommendation

It is recommended to update the assisted-migration-agent application and implement secure TLS connection practices to protect administrator credentials.

Original NVD description (English source)

A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security (TLS) connections when communicating with vCenter. This vulnerability allows a Man-in-the-Middle (MITM) attacker to intercept and harvest vCenter administrator credentials. This can lead to unauthorized access to vCenter.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS