Critical Vulnerability in MAXHUB Pivot Client Application 🚨

A critical vulnerability, CVE-2026-6411, has been identified in the MAXHUB Pivot client application versions prior to v1.36.2. This vulnerability may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted, enabling access to tenant email addresses and associated information in cleartext.
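To show why a key embedded in the client binary gives encrypted data no real confidentiality, here is an added Go example (not code from MAXHUB or the Pivot application; the key value, the tenant names and the TenantKeyring type are constructed for illustration). The vulnerable pattern encrypts every tenant's records under one compiled-in key, so anyone holding a copy of the application holds the key; the hardened pattern generates a random key per tenant at provisioning time and keeps it server-side or in a platform keystore, never in the client.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// hardcodedKey stands in for an AES key compiled into every copy of a client
// binary. Constructed placeholder value, not a key from any real product.
var hardcodedKey = []byte("0123456789abcdef0123456789abcdef") // 32 bytes: AES-256

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealGCM encrypts with AES-GCM and prepends the random nonce.
func sealGCM(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// openGCM reverses sealGCM; the GCM tag check rejects any other key.
func openGCM(key, sealed []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

// Vulnerable pattern: every install, for every tenant, encrypts under
// hardcodedKey, so the data is opaque only to parties without the binary.
func VulnerableEncryptEmail(email string) ([]byte, error) {
	return sealGCM(hardcodedKey, []byte(email))
}

// Hardened pattern: a random key per tenant, generated at provisioning time
// and held server-side or in a platform keystore, never in the client binary.
type TenantKeyring struct{ keys map[string][]byte }

func NewTenantKeyring() *TenantKeyring {
	return &TenantKeyring{keys: make(map[string][]byte)}
}

func (k *TenantKeyring) Provision(tenant string) error {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return err
	}
	k.keys[tenant] = key
	return nil
}

func (k *TenantKeyring) EncryptEmail(tenant, email string) ([]byte, error) {
	key, ok := k.keys[tenant]
	if !ok {
		return nil, errors.New("unknown tenant")
	}
	return sealGCM(key, []byte(email))
}

func (k *TenantKeyring) DecryptEmail(tenant string, sealed []byte) (string, error) {
	key, ok := k.keys[tenant]
	if !ok {
		return "", errors.New("unknown tenant")
	}
	pt, err := openGCM(key, sealed)
	return string(pt), err
}

func main() {
	ct, _ := VulnerableEncryptEmail("alice@example.com")
	pt, err := openGCM(hardcodedKey, ct) // any copy of the binary has this key
	fmt.Printf("embedded key decrypts: %q err=%v\n", pt, err)
	ring := NewTenantKeyring()
	_ = ring.Provision("tenant-a")
	ct, _ = ring.EncryptEmail("tenant-a", "alice@example.com")
	_, err = openGCM(hardcodedKey, ct)
	fmt.Println("embedded key against per-tenant record:", err)
}
```

The point of the second half is that the client never needs the long-term key at all if decryption happens server-side; where a client must decrypt locally, the key should be delivered to that device after authentication and stored in the platform keystore, so that one recovered key exposes one device's data rather than every tenant's.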

Furthermore, an attacker may be able to cause a denial-of-service condition by enrolling multiple unauthorized devices into a tenant via MQTT, potentially disrupting tenant operations. Successful exploitation of this vulnerability may therefore enable an attacker to access tenant email addresses and associated information in cleartext, or to cause a denial-of-service condition. The affected critical infrastructure sector is Information Technology, and the affected product is deployed worldwide.
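The denial-of-service path above exists because enrollments that the tenant never authorized are accepted. The following added Go example (not MAXHUB's code; the EnrollmentGate type, its token format and the per-tenant cap are hypothetical, and the page does not describe Pivot's actual enrollment protocol) shows the kind of check a broker-side handler could run before admitting a device: each enrollment needs a tenant-issued, single-use token bound to one device id, and each tenant has a hard cap on enrolled devices.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

var (
	ErrUnknownTenant = errors.New("enrollment: unknown tenant")
	ErrBadToken      = errors.New("enrollment: token does not verify")
	ErrTokenReused   = errors.New("enrollment: token already consumed or never issued")
	ErrTenantFull    = errors.New("enrollment: tenant device cap reached")
)

// EnrollmentGate is a hypothetical check placed in front of whatever handler
// processes device-enrollment messages (for example, an MQTT subscriber).
type EnrollmentGate struct {
	maxPerTenant int
	secrets      map[string][]byte // per-tenant enrollment secret, never shipped in clients
	issued       map[string]bool   // outstanding one-time tokens
	enrolled     map[string]int    // enrolled device count per tenant
}

func NewEnrollmentGate(maxPerTenant int) *EnrollmentGate {
	return &EnrollmentGate{
		maxPerTenant: maxPerTenant,
		secrets:      make(map[string][]byte),
		issued:       make(map[string]bool),
		enrolled:     make(map[string]int),
	}
}

// ProvisionTenant generates the tenant's random enrollment secret.
func (g *EnrollmentGate) ProvisionTenant(tenant string) error {
	secret := make([]byte, 32)
	if _, err := rand.Read(secret); err != nil {
		return err
	}
	g.secrets[tenant] = secret
	return nil
}

// tokenFor binds a token to exactly one tenant and one device id.
func tokenFor(secret []byte, tenant, deviceID string) []byte {
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(tenant))
	mac.Write([]byte{0}) // separator, so "a"+"bc" and "ab"+"c" differ
	mac.Write([]byte(deviceID))
	return mac.Sum(nil)
}

// IssueToken is called by a tenant administrator (after their own
// authentication) to pre-authorise one specific device.
func (g *EnrollmentGate) IssueToken(tenant, deviceID string) (string, error) {
	secret, ok := g.secrets[tenant]
	if !ok {
		return "", ErrUnknownTenant
	}
	tok := hex.EncodeToString(tokenFor(secret, tenant, deviceID))
	g.issued[tok] = true
	return tok, nil
}

// Enroll is the check the message handler runs before adding a device.
func (g *EnrollmentGate) Enroll(tenant, deviceID, token string) error {
	secret, ok := g.secrets[tenant]
	if !ok {
		return ErrUnknownTenant
	}
	got, err := hex.DecodeString(token)
	if err != nil || !hmac.Equal(got, tokenFor(secret, tenant, deviceID)) {
		return ErrBadToken // forged, or issued for a different device
	}
	if !g.issued[token] {
		return ErrTokenReused
	}
	if g.enrolled[tenant] >= g.maxPerTenant {
		return ErrTenantFull // token stays issued; admin can raise the cap
	}
	delete(g.issued, token) // single use
	g.enrolled[tenant]++
	return nil
}

func main() {
	gate := NewEnrollmentGate(2)
	_ = gate.ProvisionTenant("tenant-a")
	fmt.Println("forged token:", gate.Enroll("tenant-a", "dev-1", "deadbeef"))
	tok, _ := gate.IssueToken("tenant-a", "dev-1")
	fmt.Println("issued token:", gate.Enroll("tenant-a", "dev-1", tok))
	fmt.Println("replayed token:", gate.Enroll("tenant-a", "dev-1", tok))
}
```

Two design points matter for the DoS case: the HMAC is checked before any state is consulted, so unauthenticated messages cannot grow the token or device tables, and the per-tenant cap bounds the damage even if a token leaks. A production handler would also add a mutex around the maps and a rate limit on failed attempts per connection.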

Recommendations from MAXHUB 🔧

MAXHUB recommends users upgrade the Pivot client application to v1.36.2 or newer. The remediation has been made available through an OTA update. Users running v1.36.2 or later are not affected and need only ensure they continue to maintain the latest version. At this time, MAXHUB is not aware of any public exploitation of this issue.

CISA’s Defensive Measures 🛡️

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability:

  • Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the Internet.
  • Locate control system networks and remote devices behind firewalls and isolate them from business networks.
  • When remote access is required, use more secure methods, such as virtual private networks (VPNs).

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

This post is licensed under CC BY 4.0 by the author.