Auth bypass in Icu Scandinavia Boomerang
CVE-2026-46459
ICU Scandinavia Boomerang is vulnerable to a missing authentication flaw in its device receiver endpoints. This allows an unauthenticated remote attacker to read full facility configurations and write unauthorized data to the sensor databa…
Vulnerability class: Broken Access Control
Affected products
- Icu Scandinavia Boomerang — versions 0
Weakness classification (CWE)
References
- cvd@cert.pl (third-party-advisory)
- cvd@cert.pl (product)