10 matches found
CVE-2026-6411
This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...
CVE-2026-6411
This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...
CVE-2026-6411 MAXHUB Pivot Client Application Use of a Broken or Risky Cryptographic Algorithm
This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...
CVE-2026-6411 MAXHUB Pivot Client Application Use of a Broken or Risky Cryptographic Algorithm
This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Due to the presence of a hardcoded AES key within the application, the encrypted data can be decrypted,...
CVE-2026-6411
The CVE-2026-6411 issue affects MAXHUB Pivot client applications before v1.36.2. It stems from a hardcoded AES key, allowing decrypting encrypted tenant email addresses and related metadata, resulting in cleartext exposure. Additionally, an attacker could trigger a denial-of-service by enrolling ...
MAXHUB Pivot client application 加密问题漏洞
The MAXHUB Pivot client application is a client component of the MAXHUB company’s device management platform. Versions of the MAXHUB Pivot client application prior to 1.36.2 contained an encryption vulnerability. This vulnerability stemmed from the hardcoded AES key within the application. It cou...
CVE-2025-53704 MAXHUB Pivot Weak Password Recovery Mechanism for Forgotten Password
The password reset mechanism for the Pivot client application is weak, and it may allow an attacker to take over the account...
CVE-2025-53704
CVE-2025-53704 concerns the MAXHUB Pivot client application, where the password reset mechanism is weak and may allow an attacker to take over an account. Multiple sources (NVD, Red Hat, EUVD, CVE List, and CISA ICS advisory ICSA-25-338-02) describe the issue as a weak password reset causing pote...
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-338-01 Mitsubishi Electric GX Works2 ICSA-25-338-02 MAXHUB Pivot ICSA-25-338-03 Johnson Controls OpenBlue...
MAXHUB Pivot client application 授权问题漏洞
The MAXHUB Pivot client application is a client component of a device management platform from MAXHUB Corporation. An authorization issue vulnerability exists in the MAXHUB Pivot client application that stems from a weak password reset mechanism that could lead to account takeover...