Post

SALTO ProAccess Space Vulnerability Alert

SALTO ProAccess Space Vulnerability Alert

SALTO ProAccess Space Vulnerability Alert 🚨

Date Published: July 16, 2026

A recent vulnerability has been identified in the SALTO ProAccess Space system. Successful exploitation of this vulnerability allows an authenticated attacker to escalate privileges and access spaces outside their assigned partition. This issue affects installations where the partition feature is enabled, and it requires valid authenticated operator credentials.

Affected Versions

The following versions of SALTO ProAccess Space are vulnerable:

  • ProAccess Space < 6.13 (CVE-2026-11889)

Recommendations

Users of SALTO ProAccess using the tenancy feature should upgrade to version 6.13. To enhance security, consider the following measures:

  1. Operate ProAccess Space on a protected internal network.
  2. Restrict operator-level accounts to the minimum required.
  3. If feasible, disable the partitioning feature.
  4. For strong tenant separation, run separate Space instances.

Additional Security Measures

  • Minimize network exposure for all control system devices.
  • Use secure methods for remote access, such as Virtual Private Networks (VPNs).

CISA recommends that organizations perform a proper impact analysis and risk assessment prior to deploying defensive measures.

For more details, Read full article.

This post is licensed under CC BY 4.0 by the author.