CVE-2026-53475
CriticalCVSS 9.3Exploitation Probability (EPSS)
Low risk6th percentile — higher than 6% of all known CVEs
Summary
A flaw was found in assisted-migration-agent that hardcodes insecure TLS connections when communicating with vCenter. This vulnerability allows a Man-in-the-Middle (MITM) attacker to intercept and harvest vCenter administrator credentials.
Risk Assessment
This can lead to unauthorized access to vCenter, posing a significant security risk to the organization.
Recommendation
It is recommended to update the assisted-migration-agent application and implement secure TLS connection practices to protect administrator credentials.
Original NVD description (English source)
A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security (TLS) connections when communicating with vCenter. This vulnerability allows a Man-in-the-Middle (MITM) attacker to intercept and harvest vCenter administrator credentials. This can lead to unauthorized access to vCenter.

