NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-2336

Summary	A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03.
Publication Date	April 17, 2026, 3:16 a.m.
Registration Date	April 17, 2026, 4:13 a.m.
Last Update	April 17, 2026, 3:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/istax-privilege-escalation-via-weak-cookie-authentication	dc3f6da9-85b5-4a73-84a2-2ec90b40fca5

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-331	エントロピー不足	https://cwe.mitre.org/data/definitions/331.html