Home / Vulnerability Intelligence / CVE-2026-40434

CVE-2026-40434 - Vulnerability Analysis

HighCVSS: 8.1

Last Updated: April 17, 2026

Anviz CrossChex Standard - Man In The Middle

Published: April 17, 2026Updated: April 17, 2026

Overview

Anviz CrossChex Standard contains a man-in-the-middle vulnerability caused by lack of source verification in the client/server channel, letting attackers on the same network alter or disrupt application traffic, exploit requires network access.

Severity & Score

Severity: High

CVSS Score: 8.1

Impact

Attackers on the same network can alter or disrupt application traffic, potentially causing data tampering or denial of service.

Mitigation

Update to the latest version with source verification implemented.

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json
https://www.anviz.com/contact-us.html
https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-40434
Severity: High
CVSS Score: 8.1
Type: man_in_the_middle
Status: new

CWE

CWE-940

CVSS Metrics

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H