{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40434", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2026-04-14T15:42:14.096Z", "datePublished": "2026-04-17T19:49:28.099Z", "dateUpdated": "2026-04-17T20:28:02.785Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2026-04-17T19:49:28.099Z"}, "title": "Anviz CrossChex Standard Improper Verification of Source of a Communication Channel", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-940", "description": "CWE-940", "type": "CWE"}]}], "affected": [{"vendor": "Anviz", "product": "Anviz CrossChex Standard", "versions": [{"status": "affected", "version": "All versions"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Anviz CrossChex Standard\nlacks source verification in the client/server channel, enabling TCP \npacket injection by an attacker on the same network to alter or disrupt \napplication traffic.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Anviz CrossChex Standard\nlacks source verification in the client/server channel, enabling TCP \npacket injection by an attacker on the same network to alter or disrupt \napplication traffic."}]}], "references": [{"url": "https://www.anviz.com/contact-us.html"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}}], "workarounds": [{"lang": "en", "value": "Anviz did not respond to CISA's attempts to coordinate these \nvulnerabilities. Users should contact Anviz for more information at \nhttps://www.anviz.com/contact-us.html.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Anviz did not respond to CISA's attempts to coordinate these \nvulnerabilities. Users should contact Anviz for more information at \nhttps://www.anviz.com/contact-us.html."}]}], "source": {"advisory": "ICSA-26-106-03", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-17T20:27:23.496359Z", "id": "CVE-2026-40434", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-17T20:28:02.785Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-40434", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-17T20:27:23.496359Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-17T20:27:29.011Z"}}], "cna": {"title": "Anviz CrossChex Standard Improper Verification of Source of a Communication Channel", "source": {"advisory": "ICSA-26-106-03", "discovery": "EXTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Anviz", "product": "Anviz CrossChex Standard", "versions": [{"status": "affected", "version": "All versions"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.anviz.com/contact-us.html"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json"}], "workarounds": [{"lang": "en", "value": "Anviz did not respond to CISA's attempts to coordinate these \nvulnerabilities. Users should contact Anviz for more information at \nhttps://www.anviz.com/contact-us.html.", "supportingMedia": [{"type": "text/html", "value": "Anviz did not respond to CISA's attempts to coordinate these \nvulnerabilities. Users should contact Anviz for more information at \nhttps://www.anviz.com/contact-us.html.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Anviz CrossChex Standard\nlacks source verification in the client/server channel, enabling TCP \npacket injection by an attacker on the same network to alter or disrupt \napplication traffic.", "supportingMedia": [{"type": "text/html", "value": "Anviz CrossChex Standard\nlacks source verification in the client/server channel, enabling TCP \npacket injection by an attacker on the same network to alter or disrupt \napplication traffic.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-940", "description": "CWE-940"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2026-04-17T19:49:28.099Z"}}}, "cveMetadata": {"cveId": "CVE-2026-40434", "state": "PUBLISHED", "dateUpdated": "2026-04-17T20:28:02.785Z", "dateReserved": "2026-04-14T15:42:14.096Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2026-04-17T19:49:28.099Z", "assignerShortName": "icscert"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:anviz:crosschex_standard:-:*:*:*:*:*:*:*", "matchCriteriaId": "155C659B-9DDA-46B7-9020-0D8741D19926", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Anviz CrossChex Standard\nlacks source verification in the client/server channel, enabling TCP \npacket injection by an attacker on the same network to alter or disrupt \napplication traffic."}], "id": "CVE-2026-40434", "lastModified": "2026-05-04T14:38:01.077", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2026-04-17T20:16:36.083", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory"], "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Product"], "url": "https://www.anviz.com/contact-us.html"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-940"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Anviz CrossChex Standard", "source": "cna", "vendor": "Anviz"}, "product": "anviz_crosschex_standard", "vendor": "anviz"}], "analysis": {"en": {"generated_at": "2026-04-18T09:03:42.787172+00:00", "value": {"mitigation_remediation": ["Contact Anviz to request a patch or update for CrossChex Standard", "Isolate the device on a dedicated network segment or VLAN and restrict access to the client/server ports", "Configure local firewalls or network ACLs to allow only known, trusted devices to communicate with the CrossChex Standard server", "Monitor network traffic for unexpected or malformed packets that could indicate injection attempts"], "summary": {"action": "Contact Vendor", "impact": "Potential manipulation or disruption of application traffic via injected TCP packets"}, "threat_synthesis": {"affected_systems": "The affected system is Anviz CrossChex Standard. No specific version information is provided, so any deployment of the product that has not applied an identified fix may be vulnerable.", "description_and_impact": "Anviz CrossChex Standard does not verify the source of communications between its client and server, allowing an attacker on the same local network to inject malicious TCP packets and alter or disrupt traffic. The flaw means that data sent by the client can be modified or replaced by an attacker with the same network address, potentially leading to unauthorized commands, data tampering, or denial of service to authorized users. The vulnerability is rooted in improper source authentication, classified as CWE-940.", "risk_and_exploitability": "The CVSS score of 8.1 reflects a high severity level, indicating significant risk to confidentiality and integrity of the system\u2019s communications. An attacker must be on the same network as the device to exploit the flaw, though the lack of source verification makes it straightforward to inject packets. The EPSS score is not available, so the exact exploitation probability is unknown, but the absence of a KEV listing suggests that a publicly known exploit has not yet been reported. Nonetheless, the high CVSS rating warrants immediate attention and mitigation."}}}}, "created": "2026-04-18T09:15:15.963960+00:00", "updated": "2026-04-20T14:59:42.052652+00:00", "vendors": ["anviz", "anviz$PRODUCT$anviz_crosschex_standard"]}