CVE-2026-1632NVD

Vulnerability Summary

MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device.

Severity Level

CRITICAL(9.3)

Published Date

Feb 3, 2026

Last Modified

Feb 4, 2026

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-306: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v4.0 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

External References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-034-03.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-034-03

Critical Alert

CVE Watchtower

CVE-2026-1632NVD

Vulnerability Summary

External References