Auth bypass in Icu Scandinavia Boomerang

CVE-2026-46459

ICU Scandinavia Boomerang is vulnerable to a missing authentication flaw in its device receiver endpoints. This allows an unauthenticated remote attacker to read full facility configurations and write unauthorized data to the sensor databa…

Vulnerability class: Broken Access Control

Affected products

Weakness classification (CWE)

References